mobile.nation.co.ke Open in urlscan Pro
151.101.14.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.com/url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four...
Effective URL:
https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Submission: On March 19 via manual (March 19th 2020, 3:11:24 pm UTC) from US

Summary HTTP 202 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 40 domains to perform 202 HTTP transactions. The main IP is 151.101.14.207, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is mobile.nation.co.ke.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on March 9th 2020. Valid for: a year.

This is the only time mobile.nation.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
32	151.101.14.207 151.101.14.207	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	104.17.67.240 104.17.67.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.37.42.13 23.37.42.13	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:7400:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	104.17.66.240 104.17.66.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.202.82 143.204.202.82	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
11	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::714	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.3.128 99.86.3.128	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1	95.101.184.183 95.101.184.183	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
34	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
1	99.86.3.20 99.86.3.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	52.202.215.150 52.202.215.150	14618 (AMAZON-AES) (AMAZON-AES)
1	52.3.43.12 52.3.43.12	14618 (AMAZON-AES) (AMAZON-AES)
1 3	104.74.100.205 104.74.100.205	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1 12	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	99.86.3.43 99.86.3.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2006	15169 (GOOGLE) (GOOGLE)
6	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	35.201.85.158 35.201.85.158	15169 (GOOGLE) (GOOGLE)
2 2	18.194.83.84 18.194.83.84	16509 (AMAZON-02) (AMAZON-02)
1 5	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	185.29.132.23 185.29.132.23	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	74.214.194.139 74.214.194.139	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	185.33.223.208 185.33.223.208	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
2 2	52.208.216.178 52.208.216.178	16509 (AMAZON-02) (AMAZON-02)
1 1	52.34.54.104 52.34.54.104	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	52.57.242.37 52.57.242.37	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	52.5.9.65 52.5.9.65	14618 (AMAZON-AES) (AMAZON-AES)
1	52.20.123.7 52.20.123.7	14618 (AMAZON-AES) (AMAZON-AES)
202	45

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.101.14.207 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mobile.nation.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bc.marfeelcache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.67.240 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.nation.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.37.42.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-13.deploy.static.akamaitechnologies.com

secure.widget.cloud.opta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:7400:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.66.240 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nation.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-82.fra53.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-128.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.184.183 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-184-183.deploy.static.akamaitechnologies.com

d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-20.fra6.r.cloudfront.net

ggblmmkf.uuxnwoevyb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.215.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-215-150.compute-1.amazonaws.com

ingestion.contentinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.43.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-43-12.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.74.100.205 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-100-205.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.113.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-43.fra6.r.cloudfront.net

173jkou.mkcltwzhu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.zorosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.85.158 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 158.85.201.35.bc.googleusercontent.com

server.exposebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.83.84 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-83-84.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.49 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
convammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.113.136.100 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.23 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.139 (Amsterdam, Netherlands) 1 redirects

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.208 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.216.178 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-216-178.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.54.104 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-54-104.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.242.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-242-37.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.5.9.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-9-65.compute-1.amazonaws.com

ingestion.contentinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.123.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-123-7.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com match.taboola.com cds.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com convammp.taboola.com wf.taboola.com	923 KB
33	nation.co.ke mobile.nation.co.ke cdn.nation.co.ke www.nation.co.ke	524 KB
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	388 KB
19	ampproject.org cdn.ampproject.org	483 KB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	119 KB
8	opta.net secure.widget.cloud.opta.net	292 KB
7	google.com 4 redirects www.google.com apis.google.com	69 KB
5	youtube.com img.youtube.com www.youtube.com	39 KB
4	contentinsights.com ingestion.contentinsights.com	460 B
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com 1 redirects www.google-analytics.com	36 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	32 KB
2	adform.net 2 redirects c1.adform.net	587 B
2	adsrvr.org 2 redirects match.adsrvr.org	917 B
2	adnxs.com ib.adnxs.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	763 B
2	powerlinks.com 2 redirects px.powerlinks.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	chartbeat.net ping.chartbeat.net	336 B
2	facebook.net connect.facebook.net	116 KB
2	google.de adservice.google.de www.google.de	287 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	googletagservices.com www.googletagservices.com	41 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	marfeelcache.com bc.marfeelcache.com	14 KB
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	430 B
1	contextweb.com 1 redirects bh.contextweb.com	473 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	zorosrv.com match.zorosrv.com	293 B
1	exposebox.com 1 redirects server.exposebox.com	217 B
1	googleapis.com imasdk.googleapis.com	90 KB
1	mkcltwzhu.com 173jkou.mkcltwzhu.com	869 B
1	ytimg.com s.ytimg.com	13 KB
1	uuxnwoevyb.com ggblmmkf.uuxnwoevyb.com	35 KB
1	rackcdn.com d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	6 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
202	40

	Domain	Requested by
30	mobile.nation.co.ke	www.google.com mobile.nation.co.ke
19	cdn.ampproject.org	securepubads.g.doubleclick.net
18	images.taboola.com	mobile.nation.co.ke
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net mobile.nation.co.ke cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
12	trc.taboola.com	1 redirects cdn.taboola.com mobile.nation.co.ke
11	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com mobile.nation.co.ke
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mobile.nation.co.ke
8	secure.widget.cloud.opta.net	mobile.nation.co.ke secure.widget.cloud.opta.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com mobile.nation.co.ke
5	cdn.taboola.com	mobile.nation.co.ke cdn.taboola.com cdn.ampproject.org
5	pagead2.googlesyndication.com	mobile.nation.co.ke pagead2.googlesyndication.com
5	www.google.com	4 redirects
4	wf.taboola.com	vidstat.taboola.com
4	ingestion.contentinsights.com	mobile.nation.co.ke
4	img.youtube.com	mobile.nation.co.ke
3	x.bidswitch.net	3 redirects
3	sync.mathtag.com	3 redirects
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com mobile.nation.co.ke
3	www.google-analytics.com	1 redirects www.googletagmanager.com secure.widget.cloud.opta.net
2	convammp.taboola.com	mobile.nation.co.ke
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	mobile.nation.co.ke
2	px.powerlinks.com	2 redirects
2	match.taboola.com	1 redirects vidstat.taboola.com
2	rtb.mfadsrvr.com	2 redirects
2	ping.chartbeat.net	mobile.nation.co.ke
2	apis.google.com	mobile.nation.co.ke apis.google.com
2	connect.facebook.net	mobile.nation.co.ke connect.facebook.net
2	www.googletagservices.com	mobile.nation.co.ke pagead2.googlesyndication.com
2	static.chartbeat.com	mobile.nation.co.ke
2	cdnjs.cloudflare.com	mobile.nation.co.ke
2	cdn.nation.co.ke	mobile.nation.co.ke
2	bc.marfeelcache.com	mobile.nation.co.ke bc.marfeelcache.com
1	imprammp.taboola.com	www.google.com
1	cds.taboola.com	mobile.nation.co.ke
1	bttrack.com	mobile.nation.co.ke
1	www.storygize.net	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	bh.contextweb.com	1 redirects
1	pixel.rubiconproject.com	mobile.nation.co.ke
1	match.zorosrv.com	mobile.nation.co.ke
1	server.exposebox.com	1 redirects
1	15.taboola.com	cdn.taboola.com
1	static.doubleclick.net	ggblmmkf.uuxnwoevyb.com
1	imasdk.googleapis.com	ggblmmkf.uuxnwoevyb.com
1	173jkou.mkcltwzhu.com	ggblmmkf.uuxnwoevyb.com
1	s.ytimg.com	www.youtube.com
1	ggblmmkf.uuxnwoevyb.com	mobile.nation.co.ke
1	d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	mobile.nation.co.ke
1	certify.alexametrics.com	mobile.nation.co.ke
1	www.google.de	mobile.nation.co.ke
1	stats.g.doubleclick.net	1 redirects
1	mab.chartbeat.com	static.chartbeat.com
1	adservice.google.de	www.googletagservices.com
1	certify-js.alexametrics.com	mobile.nation.co.ke
1	www.youtube.com	mobile.nation.co.ke
1	cdn.onesignal.com	mobile.nation.co.ke
1	www.nation.co.ke	mobile.nation.co.ke
1	www.googletagmanager.com	mobile.nation.co.ke
202	62

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
api.whatsapp.com
whatsapp.nation.co.ke
t.me
www.nation.co.ke
ntv.nation.co.ke
popup.taboola.com
landing.americangcs.com
trkwl.me
om.forgeofempires.com
12tracku.com
www.browserguides.org
go.babbel.com
www.panzerrush.com
a-great-international-dubai-properties.fyi
www.haircutsmag.com
www.thedigitalnewsroom.com
fitandnutrition.com
aspireabove.com
womanveritas.com
topexpensive.com
celebsland.com
happy-tricks.com
journeygogo.com
triponmag.com
epaper.nationmedia.com
play.google.com
itunes.apple.com
www.nationmedia.com
www.africareview.com
www.theeastafrican.co.ke
www.businessdailyafrica.com
www.monitor.co.ug
www.mwananchi.co.tz
taifaleo.nation.co.ke
www.swahilihub.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
marfeel2.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-09` - `2021-02-21`	a year	crt.sh
marfeel5.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-10-24` - `2020-08-08`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
san9.performgroup.com GeoTrust RSA CA 2018	`2020-02-20` - `2020-11-11`	9 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
certify-js.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-18` - `2020-08-07`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2019-03-20` - `2020-06-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh
uuxnwoevyb.com Amazon	`2019-05-23` - `2020-06-23`	a year	crt.sh
*.contentinsights.com Go Daddy Secure Certificate Authority - G2	`2019-07-15` - `2020-09-13`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-02-19` - `2020-09-10`	7 months	crt.sh
mkcltwzhu.com Amazon	`2020-01-28` - `2021-02-28`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-21` - `2020-11-12`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Frame ID: FFD5308A88341B19CC5C3BA23BE07C25
Requests: 140 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html
Frame ID: BD561B2599A015D25BEEF5ED58E5413F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0846142691248784&output=html&adk=3046330955&adf=2044148826&lmt=1584630659&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584630659809&bpp=13&bdt=508&fdt=91&idt=92&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=926091186532&frm=20&pv=2&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&ga_fc=0&iag=0&icsg=4490389023244284&dssz=84&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060078&oid=3&pvsid=1757419936386997&ref=https%3A%2F%2Fwww.google.com%2F&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&dtd=104
Frame ID: 24A0353D6D3589518639FA4A76F85370
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js
Frame ID: 76F674EDFCD09E80447C93CE5E7B2535
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 76E8FE1E689763DDC479C3E712ACC4A8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js
Frame ID: F12BD8344426899FE40A9F2757A8E832
Requests: 12 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go828t3jir
Frame ID: 2DAE8B3345D623B6A110E324BA41D5A7
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js
Frame ID: D7A0A1AFB8D763285E1A0DC9EF63E6F2
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=8021617&ttype=0&cirid=A68F5DEC9121979862152915986&cicmp=1522581&cijs=1&dast=V7iF0CFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHHUEbzlgjFoe5mCyWu-VwNhksdrvVZDTcbYZTcJiy0-SyHNQCWdPk8rshDU2nw-e616v9FqfZZZc7TE-_3a7x27Uuv9zl-_w1Rddi7ZZZHq6TW_P6HF4e01voMpvcMr_lLfO7Lm-Rw_n5K5arwXI0W6tGw8VuMVpr7M6xz-VX2k0u411oepvtAAAAAPAAcES5BvEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAVBgGKYBQMGhsC6X5eKy_Fx2fwAAPASAAAAMKJAACOiHlwBEgKedAAAAAAAAAACw_P___8cA6JnFyQBc7FTeGPQAPPgAPAgBAABcDGX0UgqOPD-AExUcFjECAAAAkDKbKDya1AmVRRUAAEG6FcAVAEAA3DxWf1SW7qDEWxgAAACBWEcWCD3t0gnq2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNiMuBOA6L8JlX7BQQAWPsFBABgUzcAgDcBuJC7QNPp8Lnu9brf767z-31ml13jd_tFR9CKwWB1BrTcbGar2QEAAADc_f___-N1ZIHQ0y6doOqBxMa58u0Wg5VjthtuJqPJZrcxWVae1cxmmTkcLu-BlB1vqU84JfQ5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EbjTACRoOB4vdYLFbLIaTxWQ0WA4WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY2A1njuVq4lYZRsa1aDTxuJWjycitMg13o8HKuZpsDGvR62N6zUaOxWC0RcGAt70ILtKJ3GF6-u1ul8np8Fn-rsNb5HCanXeH6em3W8QSzckincgu-8bGufLtFoOVY7YbbiajyWa3MVlWntXMZpk5HC5_YzecOZariVtlGBnXotHE41aOJiO3yjTcjQYr52qyMaxFr4_pNRs5FoPRvrEajmabwWw22DdWw9FsM5jNBvsOg_doLW4VHpnEGa0WhzLTQeEyWLwb1eo4_kwO0rLZ6BSqvquDyuj3-_1-v9_v9_v9Bq3nYDYofNeyVPk37G7ObfZ1MCpiieB0kU5EL-PpIpZInhbpRGYaTRYuy8jhHG5ms9Vwspq5bIvFyuJw2SYzi2MilihNF-lEL3f5Pn_N0bVYu2WWh-vk1rw-h5fH9Ba6zCa3zG95y_yuy1vkcH7-iuVqsBzN1qrRcLFbjNYau3Psc_mVdpPLeBea3maL-o8NOJkrBpO5YjlXbDarBAAAAAAAAACwhDnzJgAAAACnQSxXk-VuuQAQUua7Drvo9ZKXEefFjR9zuMP09NvdLpPT4bP8XYe3yOE0O-8O09NvN_Nm1gAAAAI!&excid=22&tst=1&docw=0&cs=false
Frame ID: BAF7F2135F6D36FD994E711F9BC8E8EA
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sync?dast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&excid=22&docw=0&cijs=1
Frame ID: BCD74CF4CF4AF9A169F51594D58ADC3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 336E8930A018C842DEFD679650ED85B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.google.com/url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-s... Page URL
https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html Page URL

Detected technologies

Google Web Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /gws/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

202
Requests

99 %
HTTPS

39 %
IPv6

40
Domains

62
Subdomains

45
IPs

9
Countries

3339 kB
Transfer

8546 kB
Size

13
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?text=Sh51m%20fraud%20suspect%20held%20for%20four%20days&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&via=dailynation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Search URL Search Domain Scan URL

URL: http://whatsapp.nation.co.ke/
Title: WhatsApp Subscribe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/messages/t/DailyNation
Title: Facebook Messenger Subscribe

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAEFe-Usn27J-bxu6Dw
Title: .st0{fill:url(#SVGID_1_)}.st1{fill:#FFF}.st2{fill:#D2E4F0}.st3{fill:#B5CFE4} Telegram Subscribe

Search URL Search Domain Scan URL

URL: https://www.nation.co.ke/news/explainers/Coronavirus-explainer-self-quarantine-step-by-step-guide/5337446-5496730-10kun9b/index.html
Title: 2 Hours Ago Explainer: Self-quarantine, a step-by-step guide

Search URL Search Domain Scan URL

URL: https://ntv.nation.co.ke/news/2720124-5495922-vwy23oz/index.html
Title: We are dealing with a health crisis that will have a ripple effect - President Uhuru

Search URL Search Domain Scan URL

URL: https://ntv.nation.co.ke/news/2720124-5495918-vwy24ez/index.html
Title: Two Italian nationals aboard Ethiopian Airlines flight denied entry into the country

Search URL Search Domain Scan URL

URL: https://ntv.nation.co.ke/news/2720124-5495912-vwy24kz/index.html
Title: UPDATE: Government receives another case of COVID-19, number rises to 4

Search URL Search Domain Scan URL

URL: https://ntv.nation.co.ke/news/2720124-5495838-vwy2u3z/index.html
Title: Shilling weakens to the lowest point since November 2019

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=nationmediagroup-dailynation&utm_medium=referral&utm_content=thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://landing.americangcs.com/landing/ms-2?utm_source=taboola&utm_medium=discovery&utm_campaign=NC_bandel_easteur_v2.1_desk_eng&utm_lp_name=V2.1-eng&utm_image=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe9930702cceded5fad3bd5b2c6daa285.jpg&utm_item_id=2856221553&utm_device=Desktop&utm_publisher=nationmediagroup-dailynation&utm_campaign_id=3340694&utm_text=USA+Green+Card+Lottery+Registration+2020+is+Open+Now.+Check+your+eligibility+to+apply&utm_tci=CjAxNzhmMTk1Yi1lMGQ4LTQ0YmMtOTQyZC1lNDg3NDBlOTUyYzAtdHVjdDU2ZDExMDQSE2luZGlnby1ncmVlbmNhcmQtc2M
Title: U.S Green Card

Search URL Search Domain Scan URL

URL: https://trkwl.me/?flux_fts=olilqcaaxpaqpilziteolilqczlqltlozptpl6961d&campaign_id=4048868&publisher=nationmediagroup-dailynation&ad=New+Classy+%24109+Smartwatch+Takes+Belgium+By+Storm&creative=http%3A%2F%2Fblogs.dailylifetech.com%2Fb%2Fg7smartwatch%2F401%2F031.jpg&banner_id=2887180342&tb_cid=CjAxNzhmMTk1Yi1lMGQ4LTQ0YmMtOTQyZC1lNDg3NDBlOTUyYzAtdHVjdDU2ZDExMDQSDndvcmxkbGVhZHM1LXNj
Title: G7 Smart Watch

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/?ref=tab_row_en_mktdet2&&external_param=235914722&pid=nationmediagroup-dailynation&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Title: Forge of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://12tracku.com/path/lp.php?trvid=13696&trvx=5e329375&exid=CjAxNzhmMTk1Yi1lMGQ4LTQ0YmMtOTQyZC1lNDg3NDBlOTUyYzAtdHVjdDU2ZDExMDQSDXlub3QtbXVhbWEtc2M&site=nationmediagroup-dailynation&ci=2285724&cii=2880088901&utm_source=gg1&utm_medium=nationmediagroup-dailynation&utm_term=This+Japanese+Invention+Allows+You+To+Instantly+Speak+43+Languages&utm_content=https%3A%2F%2Fs3.eu-central-1.amazonaws.com%2Fad-uploads-long%2F1%2Fe15dfae4-b658-4d18-895b-90d8cfb8a097.jpg&wid=1069798&platform=Desktop&name=EVENT_NAME&utm_source=taboola&utm_medium=referral
Title: MUAMA Enence Instant Translator Device

Search URL Search Domain Scan URL

URL: https://www.browserguides.org/brave-v-chrome/?utm_source=taboola&utm_medium=referral&campaign=3
Title: Browserguides.com for Brave

Search URL Search Domain Scan URL

URL: https://go.babbel.com/v1/tl?bsc=engunb-experts-4-cs-pd-tst-xx-xo-tb&btp=default&utm_source=Taboola&utm_medium=CON&utm_campaign=XX_ENGALL_gEN_cXO_Experts_CustomerService_4_TST&utm_content=1069798_4060665_2887401471&tcid=CjAxNzhmMTk1Yi1lMGQ4LTQ0YmMtOTQyZC1lNDg3NDBlOTUyYzAtdHVjdDU2ZDExMDQSCWJhYmJlbC1zYw
Title: Babbel

Search URL Search Domain Scan URL

URL: https://www.panzerrush.com/?r=tabpr1t2a02&utm_source=taboola&utm_medium=referral
Title: panzerrush.com

Search URL Search Domain Scan URL

URL: https://a-great-international-dubai-properties.fyi/?ref=trc.taboola.com&sub_id=nationmediagroup-dailynation&sub_id2=1529_sys_dubaiproperties_tab_all_all&compkey=dubai+real+estate+properties
Title: Dubai Properties | Search Ads

Search URL Search Domain Scan URL

URL: https://www.haircutsmag.com/top-50-most-beautiful-legs-in-the-world/?utm_source=taboola&utm_medium=referral
Title: Haircuts Magazine

Search URL Search Domain Scan URL

URL: http://www.thedigitalnewsroom.com/euro-2016-beautiful-girls-supporters-competition.html?utm_source=taboola&utm_medium=referral&utm_campaign=Euro2016
Title: The Digital NewsRoom

Search URL Search Domain Scan URL

URL: http://fitandnutrition.com/20-natural-antibiotics/?utm_source=taboola&utm_term=nationmediagroup-dailynation_1069798&utm_content=139470769_http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F1029704850__n96eXJyB.jpg_20+Natural+Antibiotics+That+Fight+Infection_Desktop_2020-03-19+15%3A11%3A00&utm_medium=referral&utm_campaign=NaturalAntibiotics-ALL-DTM-FFO-DM
Title: Fit and Nutrition

Search URL Search Domain Scan URL

URL: http://aspireabove.com/15-best-physical-exercises-for-men/?utm_source=taboola&utm_term=nationmediagroup-dailynation_1069798&utm_content=240344328_http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F493cf3cc87e7ce480ad2384788be1b23.jpg_Get+Rid+of+the+Belly+Fat+-+15+Manly+Excercises_Desktop_2020-03-19+15%3A11%3A00&utm_medium=referral&utm_campaign=MenExercise-All-DTM-ASP-TB
Title: AspireAbove.com

Search URL Search Domain Scan URL

URL: https://womanveritas.com/categories/beauty/makeup-tips-for-mature-women/?utm_source=taboola&utm_campaign=TAB-WOMANVERITAS-ALL-WW-makeup_tips_for_mature_women-03&utm_content=2883945595&utm_medium=nationmediagroup-dailynation&utm_term=1069798
Title: Woman Veritas

Search URL Search Domain Scan URL

URL: https://topexpensive.com/25-most-expensive-dog-breeds-in-the-world/?utm_source=taboola&utm_term=nationmediagroup-dailynation_1069798&utm_content=180575485&utm_medium=referral&utm_campaign=DogBreeds-ALL-DTM-TEX-TB
Title: Topexpensive.com

Search URL Search Domain Scan URL

URL: http://celebsland.com/top-10-strangest-crossbreed-dogs/?utm_source=taboola&utm_term=nationmediagroup-dailynation_1069798&utm_content=88576286&utm_medium=referral&utm_campaign=dog-all-celeb
Title: Celebsland.com

Search URL Search Domain Scan URL

URL: http://happy-tricks.com/en/this-womans-house-smells-amazing-find-out-her-secret/?utm_source=taboola&utm_term=nationmediagroup-dailynation_1069798&utm_content=276110493&utm_medium=referral&utm_campaign=SmellAmazing-All-DTM-HT-TB
Title: HappyTricks.com

Search URL Search Domain Scan URL

URL: https://journeygogo.com/best-destinations-countries-for-nature-lovers/?utm_source=taboola&utm_medium=nationmediagroup-dailynation&utm_term=Top+10+Most+Naturally+Beautiful+Countries+in+the+World&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5b1d8bd9b3caf8c67f71982279696ea2.jpg&utm_campaign=nature_ot1_desktop2
Title: JourneyGoGo

Search URL Search Domain Scan URL

URL: https://triponmag.com/20-low-budget-paradise-islands/?utm_source=taboola&utm_term=nationmediagroup-dailynation_1069798&utm_content=128662147&utm_medium=CjAxNzhmMTk1Yi1lMGQ4LTQ0YmMtOTQyZC1lNDg3NDBlOTUyYzAtdHVjdDU2ZDExMDQSHHRvcG1lbnNtYWdhemluZS10cmlwb25tYWctc2M&utm_campaign=BudgetIslands-All-DTM-TOM-TB
Title: TripOnMag.com

Search URL Search Domain Scan URL

URL: http://epaper.nationmedia.com/
Title: Today's Paper

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/developer?id=Nation%20Media%20Group&hl=en&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/developer/nation-media-group-ltd/id771736086

Search URL Search Domain Scan URL

URL: https://www.nation.co.ke/meta/1194-1174-byky0p/index.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nation.co.ke/meta/1194-1184-byky1l/index.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.nation.co.ke/meta/1194-1182-byky1j/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nation.co.ke/meta/1194-1186-byky1n/index.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://www.nationmedia.com/
Title: Nation Media Group

Search URL Search Domain Scan URL

URL: http://www.africareview.com/
Title: Africa Review

Search URL Search Domain Scan URL

URL: http://www.theeastafrican.co.ke/
Title: The EastAfrican

Search URL Search Domain Scan URL

URL: http://www.businessdailyafrica.com/
Title: Business Daily

Search URL Search Domain Scan URL

URL: https://ntv.nation.co.ke/
Title: NTV

Search URL Search Domain Scan URL

URL: http://www.monitor.co.ug/
Title: Daily Monitor

Search URL Search Domain Scan URL

URL: http://www.mwananchi.co.tz/
Title: Mwananchi

Search URL Search Domain Scan URL

URL: http://taifaleo.nation.co.ke/
Title: Taifa Leo

Search URL Search Domain Scan URL

URL: http://www.swahilihub.com/
Title: Swahili Hub

Search URL Search Domain Scan URL

URL: https://twitter.com/dailynation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DailyNation/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dailynation/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DNKenya

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.google.com/url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&ved=2ahUKEwjNlarrlojoAhXSQkEAHdpdCrQQFjABegQIBxAJ&usg=AOvVaw2-ZQn8tKHYGN0kEnrT1BC3 Page URL
https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1473550051&t=pageview&_s=1&dl=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1138218907&gjid=924814918&cid=1911570093.1584630660&tid=UA-1030601-4&_gid=1471974779.1584630660&_r=1&gtm=2ou3b2&z=609933402 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_gid=1471974779.1584630660&gjid=924814918&_v=j81&z=609933402 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_v=j81&z=609933402 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_v=j81&z=609933402&slf_rd=1&random=3069900300

Request Chain 99

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584630660058&ns_c=UTF-8&cv=3.5&c8=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&c7=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&c9=https%3A%2F%2Fwww.google.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584630660058&ns_c=UTF-8&cv=3.5&c8=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&c7=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&c9=https%3A%2F%2Fwww.google.com%2F

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 122

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go828t3jir

Request Chain 123

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&tbid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&query=taboola_hm%3D9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&extuid=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&excid=218&query=taboola_hm%3D9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662

Request Chain 125

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Ftrc.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253DRyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4%2525253D HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=fc925e73-8b84-4800-a475-9891b553a5b8&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DRyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4%253D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=RyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4%3D

Request Chain 126

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=fc925e73-8b84-4800-a475-9891b553a5b8 HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=fc925e73-8b84-4800-a475-9891b553a5b8

Request Chain 127

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Ns2IVuhGEfbk&ev=1&pid=562107

Request Chain 128

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=vmyXINpHUSRltH9acLXY&pi=taboola&tc=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELfz-pvpe2XD2H-OTRGDxdg&google_cver=1

Request Chain 132

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b1aa354b-610b-45fb-b8b9-4fddb77be5b6

Request Chain 133

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 136

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=7072567428973934420&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6f872591-d926-482a-ab08-d42bd8098600

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

202 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 url Show response
www.google.com/ 1 KB
904 B 31ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&ved=2ahUKEwjNlarrlojoAhXSQkEAHdpdCrQQFjABegQIBxAJ&usg=AOvVaw2-ZQn8tKHYGN0kEnrT1BC3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

226a0c5448f56368d1462dd49dcebd7e85db7612ddf5eea8b8e6e67ecc9e6528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&ved=2ahUKEwjNlarrlojoAhXSQkEAHdpdCrQQFjABegQIBxAJ&usg=AOvVaw2-ZQn8tKHYGN0kEnrT1BC3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 19 Mar 2020 15:10:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 527
x-xss-protection: 0
set-cookie: NID=200=MzYCDBP0NyOGED1iegh3GjYQLEGc6wxVhL5IlqBYIc0T2N2qKKf5FMFlUU4lX3WtNDJDedrpT0XTUGoGooIgiGcDZ0PnhkUOmaRetX3yC-TABotwH9F1UyoGtryYFwo2xFcP4FonOb_nnVmorVhF8-wixpZl9Fti5nvPRPFKwUU; expires=Fri, 18-Sep-2020 15:10:58 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=WP.284c9b; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 Primary Request index.html Show response
mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/ 46 KB
13 KB 488ms
432ms Document
text/html 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&ved=2ahUKEwjNlarrlojoAhXSQkEAHdpdCrQQFjABegQIBxAJ&usg=AOvVaw2-ZQn8tKHYGN0kEnrT1BC3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 50289747be14a95dea55f5ee1041c07f727770a649915f942522590c0b3801b2

Request headers

:method: GET
:authority: mobile.nation.co.ke
:scheme: https
:path: /news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://www.google.com/

Response headers

status: 200
server: Apache
content-type: text/html;charset=UTF-8
content-language: en-US
content-encoding: gzip
x-ua-compatible: IE=Edge,chrome=1
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
x-mrf-section-lastmod: 0000000000
accept-ranges: bytes
date: Thu, 19 Mar 2020 15:10:59 GMT
x-served-by: cache-lcy19257-LCY, cache-fra19179-FRA
x-cache: MISS from mobile.nation.co.ke, MISS, MISS
x-cache-hits: 0, 0
x-timer: S1584630659.875399,VS0,VE410
cache-control: public, max-age=60, stale-if-error=2592000
vary: Accept-Encoding, User-Agent
x-b3-traceid: 5e1569db61fc45c3a80112f2f0893eba
x-b3-traceid-primal: 5e1569db61fc45c3a80112f2f0893eba
mrf-cache-status: MM
content-length: 12374

GET
H2 200 gardac-sync.js Show response
bc.marfeelcache.com/statics/marfeel/ 9 KB
4 KB 72ms
23ms Script
application/javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 08488d175ed222ebe005013e57c4394f1cd0aaf4cb7261c697bbd24be7a1d2ba

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-encoding: br
x-b3-traceid: 2a22764527c545d696c4414385fec40e
x-mrs-cache: HIT
status: 200
x-mrs-age: 61458
content-disposition: inline;filename=f.txt
x-served-by: mshield-b-02, mshield-f-02, cache-jax20947-JAX, cache-fra19173-FRA
x-mrf-age: 0
edge-deliver-cache-control: public, max-age=86401
x-mrf-item-lastmod: 0000000000
x-timer: S1584630659.367705,VS0,VE1
etag: "0effe32da1a9048b77ff16f8cd2c5ae5c"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86401
mrf-cache-status: H-HH
access-control-allow-headers: x-requested-with
x-cache-hits: 1, 1
date: Thu, 19 Mar 2020 15:10:59 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-mrf-section-lastmod: 0000000000
x-mrf-lastmod: 0
x-cache: HIT, HIT
x-mrf-rendered: 1583946867497
x-b3-traceid-primal: 08c19185305f4906ba925f6571599fe7
content-length: 3607
x-mshield-cache-status: HIT
x-mrf-type: SECTION
server: nginx
x-mrf-shard: all
x-mrs-cache-hits: 1
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 19ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1030601-4

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31b6eef74cc73bf8db37834bbd5b263be39fca4bcaaec809d771706255d1af75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 28651
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 bluekai-dfp-header-integration.js Show response
cdn.nation.co.ke/dmp/ 7 KB
2 KB 104ms
37ms Script
application/x-javascript 104.17.67.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nation.co.ke/dmp/bluekai-dfp-header-integration.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.67.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20e95cf5f1bf871ae164ee529a1c1fabbca94567351ee3169baacadf68f82bf

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 882
cf-polished: origSize=11445
x-cache: HIT from cdn.nation.co.ke
status: 200
cf-bgj: minify
last-modified: Wed, 17 Jul 2019 05:52:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 57681f952addd92d-AMS
expires: Thu, 26 Mar 2020 15:10:59 GMT

GET
H2 200 fonts.css
mobile.nation.co.ke/nationmedia/css/fonts/ 2 KB
802 B 25ms
22ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/nationmedia/css/fonts/fonts.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 4292f66200717843a68e3104a380ad5d567fb9f6125d8987309c291d44fb1246

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 22e3ae9626914ecd8f3e30a6d28710a4
x-b3-traceid-primal: 9deb254fcc8241d4adbde232d662a76a
content-length: 610
x-served-by: cache-lcy19225-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.320854,VS0,VE1
vary: Accept-Encoding, User-Agent
content-type: text/css
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: SS
x-cache-hits: 1, 1

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 26ms
22ms Stylesheet
text/css 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 3570270
cf-ray: 57681f94b995e003-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 09 Mar 2021 15:10:59 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 v3.core.opta-widgets.css
secure.widget.cloud.opta.net/v3/css/ 73 KB
11 KB 79ms
22ms Stylesheet
text/css 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/v3/css/v3.core.opta-widgets.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 53b17c99805a4cd15e7b3d461cee839b6055f6d7efa6af2f4e98b11d35316078

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 09:25:10 GMT
server: AmazonS3
x-amz-request-id: 0BB4CAF4742AEDDD
etag: "9e4594cc3e2f5639b68e4e7b24885ece"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 11144
x-amz-id-2: VUdC0HgfcyaDM1EEOeOHSMcOC/bK2QvYhX8lM/oQMt/BrdJBGmzEJOjdbwK9ysgV3PhAZ4qvkTk=

GET
H2 200 v3.football.opta-widgets.css
secure.widget.cloud.opta.net/v3/css/ 321 KB
42 KB 81ms
24ms Stylesheet
text/css 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/v3/css/v3.football.opta-widgets.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2ed76d451cc988d65d654c965f341a4bd2c5e77dc99c29a5e857127c1b667de0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 12:51:16 GMT
server: AmazonS3
x-amz-request-id: 519F5A11739F210E
etag: "540eee83a3fed1ed84a2f3fae00ff820"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 42962
x-amz-id-2: aIiAEhwcs9FAYB7C5oOhrW5Ri8v1K3Pn/ykwavrxexLltyeYnvvoqQxWT3a8qGickwdKUxr0zXo=

GET
H2 200 normalize-v1.0.0.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/1953840/-/oflraoz/-/ 2 KB
1 KB 25ms
22ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953840/-/oflraoz/-/normalize-v1.0.0.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 597e42459d62b5943d6ce4e5e4d024fff06f8d5e8fa56719712c1e6f6406e343

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: ac6614e5683b4ea7b4c4923bc9d35ff4
x-b3-traceid-primal: 6e8431fbf16244b2a74dec91bb78e922
content-length: 882
x-served-by: cache-lcy19244-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.320845,VS0,VE1
vary: Accept-Encoding, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 mainnew-v1.2.2.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/ 37 KB
7 KB 26ms
23ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/mainnew-v1.2.2.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: ce1e62ec76ac72bb605aac4bf9ddc9f22711ba7dc821bd04c42828976b1e378d

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: de77ed6b80e34fe2b1868869baa765e4
x-b3-traceid-primal: 046f9304a206485ab5271c8a678786fd
content-length: 6912
x-served-by: cache-lcy19244-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.320956,VS0,VE1
vary: Accept-Encoding, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 carousel.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/1953838/-/oflrbcz/-/ 2 KB
907 B 27ms
24ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953838/-/oflrbcz/-/carousel.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 839fa90e03844e95c5cac475847360023989e76c9ef8cb7cfea245649e7aa957

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 7f02bda44dd449fb9196d89e17f15bce
x-b3-traceid-primal: 8521ba749c2b4a888c46be56887a0f1d
content-length: 584
x-served-by: cache-lcy19242-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.320952,VS0,VE1
vary: Accept-Encoding, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 carousel-style.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/1953836/-/oflrbez/-/ 5 KB
1 KB 27ms
24ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953836/-/oflrbez/-/carousel-style.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: fcbdda553bc4ce201f5accfa16c3b73f296b326208a24444fb90e3c8f14bd450

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 3c7ddd6600cc4477877c8b32f27a58a5
x-b3-traceid-primal: 82a7c377962f4bc0b653d8e70652fddc
content-length: 1066
x-served-by: cache-lcy19251-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.321043,VS0,VE1
vary: Accept-Encoding, User-Agent
content-language: en-GB
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 ibacorsosmedbutton-1.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/2627752/-/9871unz/-/ 2 KB
1 KB 28ms
25ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/2627752/-/9871unz/-/ibacorsosmedbutton-1.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8b50cd1534d3cdf09e7a31cf6c24ca53bad47a1315b70e477e3c6c39c91a4673

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: f0c5775651e54af1bd462c598c547269
x-b3-traceid-primal: 3dc98db1c061485b931499bdc01a62bc
content-length: 869
x-served-by: cache-lcy19270-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.321032,VS0,VE1
vary: Accept-Encoding, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 vidStyle-v1.1.4.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/4107482/-/ls0oyc/-/ 59 KB
9 KB 28ms
25ms Stylesheet
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/4107482/-/ls0oyc/-/vidStyle-v1.1.4.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 2c57df0e9a0cfb1879ad4fd437a7eaeb4f38f3c75182f57d8fd30ea5913dbdf6

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 1fe233673ee24a6299a6b358aa753f51
x-b3-traceid-primal: bee1031ccb084d05bb6985432253b986
content-length: 8654
x-served-by: cache-lcy19225-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.321329,VS0,VE1
vary: Accept-Encoding, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 jquery-cross.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/2627434/-/98749qz/-/ 1 KB
1 KB 28ms
25ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/2627434/-/98749qz/-/jquery-cross.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: e0352d61a99875d75be85aef0b849a74dbcd14d6bce6f8d71c7e5ff2ffdbcd6f

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 343cc8dbdd064d0abb003ca2dadf4ba1
x-b3-traceid-primal: 75b549c65f3e41e9973924b8dc3ef23e
content-length: 1052
x-served-by: cache-lcy19241-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.321311,VS0,VE1
vary: User-Agent
content-language: en
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 share.minified.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/2633472/-/97ncjmz/-/ 8 KB
8 KB 33ms
31ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/2633472/-/97ncjmz/-/share.minified.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 3490a64b6379a5d8ab10b48bda447b0f2b9860255424c5454aa8c9e4015702bf

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 4bafb7e916934eb6bcbc07b9d7369a90
x-b3-traceid-primal: 0b54547545db408ab26d2921dd9a873e
content-length: 7742
x-served-by: cache-lcy19244-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.321317,VS0,VE2
vary: User-Agent
content-language: zh-CN
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 whatsapp-button.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/2630296/-/97ph16z/-/ 5 KB
5 KB 28ms
25ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/2630296/-/97ph16z/-/whatsapp-button.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: e8de177b6c894e9d8a9eeef473b9383220d64b237725527cb13296e2a701bfff

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 3b55693f538149fc9927553e1f9bb2ab
x-b3-traceid-primal: cf9e799858d34e6dbca7a9724d277081
content-length: 5464
x-served-by: cache-lcy19251-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.321270,VS0,VE1
vary: User-Agent
content-language: en
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 jquery-1120min.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/3134374/-/4xdf3g/-/ 95 KB
95 KB 38ms
35ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/3134374/-/4xdf3g/-/jquery-1120min.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: dbe3b976cb29e2e48ffbe0a292f56792249c05de78ee19c957573d294da2053e

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 9631d40c672340dcbe1165ed81397f9c
x-b3-traceid-primal: 9223b3b728d44ca5b4c7b60388f59940
content-length: 97362
x-served-by: cache-lcy19232-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.333467,VS0,VE1
vary: User-Agent
content-language: en-GB
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 23ms
6ms Script
application/x-javascript 2600:9000:2057:7400:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7400:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:06:59 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 240
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QFWl2S4snnx94YrcHP_tv4RTud8rD1NzITKQ3kcjrX4Xsp5k8fivyA==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
expires: Thu, 19 Mar 2020 17:06:58 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/1953852/-/oflr9qz/-/ 91 KB
91 KB 57ms
54ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953852/-/oflr9qz/-/jquery-1.10.1.min.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 0591e3f9728b4cb8b2c874eaf0cd1fd6f720713aac4e3cfcb3c12d9ce8a8afac

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: a122118406c646c690ef7c5430189d03
x-b3-traceid-primal: 93c938bddd15427288b6f3808c4a4d3f
content-length: 93064
x-served-by: cache-lcy19249-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.333461,VS0,VE2
vary: User-Agent
content-language: en-GB
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 42 KB
14 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0dab19af140a499fcb4302cce17dc025552c094d03631540c010cd6c25cdd84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "460 / 551 of 1000 / last-modified: 1584567266"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14417
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 2.jpg
mobile.nation.co.ke/image/view/-/5481716/medRes/2574578/-/9dbvdv/-/ 15 KB
15 KB 108ms
106ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/image/view/-/5481716/medRes/2574578/-/9dbvdv/-/2.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 9dfe7a51c0697fb1f38a97f0069ed2a3837f1c8dae1cc0ef1b1a8b2f37dc94d7

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, MISS, MISS
fastly-io-info: ifsz=24792 idim=425x262 ifmt=jpeg ofsz=14896 odim=425x262 ofmt=webp
status: 200
x-b3-traceid: fcf0a92f324d4313ae9bed88409a081e
fastly-stats: io=1
content-length: 14896
x-served-by: cache-lcy19245-LCY, cache-fra19179-FRA
x-b3-traceid-primal: fcf0a92f324d4313ae9bed88409a081e
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514592,VS0,VE84
etag: "YdvhuyYoICd6bdkRKk0p1JRIxgjBCHeMkH4UfuBfQN8"
vary: Accept, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: MM
content-type: image/webp
x-cache-hits: 0, 0

GET
H2 200 LOGO.jpg
mobile.nation.co.ke/image/view/-/3508610/medRes/1333041/-/i793rg/-/ 4 KB
5 KB 71ms
68ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/image/view/-/3508610/medRes/1333041/-/i793rg/-/LOGO.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8f889d5ad350e9a16462fc1d7b0d6ca7855fef2924b4a30d873465df6100a871

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, MISS, HIT
fastly-io-info: ifsz=8589 idim=262x262 ifmt=jpeg ofsz=4308 odim=262x262 ofmt=webp
status: 200
x-b3-traceid: 7785d76779504b76a6e08dd6f77a40cd
fastly-stats: io=1
content-length: 4308
x-served-by: cache-lcy19225-LCY, cache-fra19179-FRA
x-b3-traceid-primal: 0daaf37173ad4cc38f2aa570c1414411
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.515021,VS0,VE47
etag: "ClLTkYEI73i1nnznOc0e0mjg/FTUbojAsWl7yPXadpY"
vary: Accept, User-Agent
content-language: en-GB
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: MH
content-type: image/webp
x-cache-hits: 0, 1

GET
H2 200 Weta2.jpg
mobile.nation.co.ke/image/view/-/5497086/medRes/2584156/-/qwfde0z/-/ 21 KB
21 KB 99ms
96ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/image/view/-/5497086/medRes/2584156/-/qwfde0z/-/Weta2.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8cfc39272a023901fd6f42f08ab9ec4750a7aab69522ef9ad6819c6f5814373b

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, MISS, MISS
fastly-io-info: ifsz=31412 idim=425x262 ifmt=jpeg ofsz=21668 odim=425x262 ofmt=webp
status: 200
x-b3-traceid: 7a231db3fe93451fbcc78161d656a419
fastly-stats: io=1
content-length: 21668
x-served-by: cache-lcy19238-LCY, cache-fra19179-FRA
x-b3-traceid-primal: 7a231db3fe93451fbcc78161d656a419
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514969,VS0,VE74
etag: "vFO8f5IXc+cbBPxtuB5ayLJedtFoT+mMLhUVVBFKDDA"
vary: Accept, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: MM
content-type: image/webp
x-cache-hits: 0, 0

GET
H2 200 dn-logo.png
cdn.nation.co.ke/mailchimp/ 3 KB
3 KB 40ms
38ms Image
image/webp 104.17.67.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nation.co.ke/mailchimp/dn-logo.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.67.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca90d5814c90434d3bd1d36a0c6548911f10194a0fe86e9cd1be4dd369e23baa

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
cf-cache-status: HIT
age: 923
cf-polished: origFmt=png, origSize=3852
x-cache: HIT from cdn.nation.co.ke
status: 200
content-disposition: inline; filename="dn-logo.webp"
cf-bgj: imgq:85
content-length: 3298
last-modified: Wed, 04 Apr 2018 11:35:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57681f95fd1cd92d-AMS
expires: Fri, 19 Mar 2021 15:10:59 GMT

GET
H2 200 Coronavirus+updates%253A+Eight+more+test+negative.jpg
mobile.nation.co.ke/image/view/-/5497138/thumbnail/2584168/-/vid1fpz/-/ 45 KB
46 KB 121ms
118ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/image/view/-/5497138/thumbnail/2584168/-/vid1fpz/-/Coronavirus+updates%253A+Eight+more+test+negative.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: ed612b4bc5d5fc594db9bb0562f9029b05fd4df1e5fc296f3d6837316b5e6e06

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT, MISS
fastly-io-info: ifsz=66243 idim=600x400 ifmt=jpeg ofsz=46222 odim=600x400 ofmt=webp
status: 200
x-b3-traceid: fbe9c709c3a94f8d9fcb7e4763ae8fba
fastly-stats: io=1
content-length: 46222
x-served-by: cache-lcy19251-LCY, cache-fra19179-FRA
x-b3-traceid-primal: 1ef3e2923d87450a9797346213e6d8f3
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514959,VS0,VE96
etag: "wnlDnjdtc9J0oqVUS6IDQN+G4xVtEB3fxEkcREbjqpY"
vary: Accept, User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HM
content-type: image/webp
x-cache-hits: 1, 0

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/g00_yuODa4o/ 7 KB
7 KB 29ms
6ms Image
image/jpeg 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/g00_yuODa4o/mqdefault.jpg

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fe81a21afa207aab9dd07c16c1e5fa88e3e96121adb1f7bd372a9178023274c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:08:13 GMT
x-content-type-options: nosniff
server: sffe
age: 166
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7146
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:13:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/yXGRV0v7Rf4/ 12 KB
13 KB 34ms
11ms Image
image/jpeg 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/yXGRV0v7Rf4/mqdefault.jpg

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3edc0759c8e33699ce92932d613a71bb1740dba8a16b2e741dc6800830ab85c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:08:13 GMT
x-content-type-options: nosniff
server: sffe
age: 166
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 12769
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:13:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/3DJ69v-LAsM/ 11 KB
11 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/3DJ69v-LAsM/mqdefault.jpg

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c213e54ed5990ecc5d592c87772b0124d02d08e5ff94aefd661a0452d9bc9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:08:13 GMT
x-content-type-options: nosniff
server: sffe
age: 166
etag: "1584449240"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11514
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:13:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/K5OpcwgSers/ 7 KB
7 KB 40ms
17ms Image
image/jpeg 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/K5OpcwgSers/mqdefault.jpg

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17185d93d2baa504d2f5f78f06d6a757706e428cf406677694042c78f99d5080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7009
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:15:59 GMT

GET
H2 200 dnLogoFooter.png
www.nation.co.ke/nationmedia/css/icons/dailynation/ 6 KB
6 KB 140ms
95ms Image
image/webp 104.17.66.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nation.co.ke/nationmedia/css/icons/dailynation/dnLogoFooter.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.66.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891a417982f3fcf9102a58972130e6f88ccdc4e87006099e5c5ed23d21b82984

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
cf-cache-status: HIT
age: 29720
cf-polished: origFmt=png, origSize=8886
x-cache: HIT from www.nation.co.ke
status: 200
content-disposition: inline; filename="dnLogoFooter.webp"
cf-bgj: imgq:85
content-length: 5714
x-ua-compatible: IE=Edge,chrome=1
last-modified: Thu, 18 Jan 2018 04:40:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 57681f963dba730b-AMS
expires: Fri, 20 Mar 2020 15:10:59 GMT

GET
H2 200 google-play-badge.png
mobile.nation.co.ke/nationmedia/css/icons/dailynation/ 2 KB
3 KB 25ms
22ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/nationmedia/css/icons/dailynation/google-play-badge.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: cdfae1a14a6a6513f7e8afd50a514386cc2684a0d09bea4b0246d0ba183d2089

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT
fastly-io-info: ifsz=4759 idim=135x40 ifmt=png ofsz=2328 odim=135x40 ofmt=webp
status: 200
x-b3-traceid: 5e81c1af46764eaba75b4d1664520bf6
fastly-stats: io=1
content-length: 2328
x-served-by: cache-fra19179-FRA
x-b3-traceid-primal: ea8285ebbb0f462291183e972cad0457
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514941,VS0,VE1
etag: "yKaJw8km8MSctpZXELZMn5MIQh6aDwBmGsEf38unV4Y"
vary: Accept, User-Agent
content-type: image/webp
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: H
x-cache-hits: 1

GET
H2 200 appStoreIcon.svg
mobile.nation.co.ke/nationmedia/css/icons/dailynation/ 12 KB
5 KB 25ms
23ms Image
image/svg+xml 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/nationmedia/css/icons/dailynation/appStoreIcon.svg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, MISS, HIT
status: 200
x-b3-traceid: 30d6fe8120a24387ad51f3689bd37fc9
x-b3-traceid-primal: ed1e1716b5dd4473a4e80d87419de9ea
content-length: 4622
x-served-by: cache-lcy19237-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514938,VS0,VE1
vary: Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: RS
x-cache-hits: 0, 1

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d45c0afeb325894b1cf367233191e5acd290f2e6b80653e1973cc5136cc0161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39018
x-xss-protection: 0
server: cafe
etag: 6580445678205436324
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 13ms
11ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 86
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 57681f95eae0c286-FRA
expires: Fri, 20 Mar 2020 03:10:59 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
931 B 26ms
26ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

667b8f4d0d6015504f4020d4cfacfccc4428f17cb964a307a0c4f8e28d6b8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/3134376/-/4xdf3i/-/ 7 KB
7 KB 39ms
39ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/3134376/-/4xdf3i/-/jquery-migrate-1.2.1.min.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: caaa5ca8a0cb141b10af77b40adf1af9c39b4c87de2c1c0ea444e5add41463c3

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 25949afba9604cc78fac1fb9e0038322
x-b3-traceid-primal: 057758625b1342278f4ef27931667857
content-length: 7200
x-served-by: cache-lcy19253-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.344704,VS0,VE1
vary: User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 scripts.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/3134380/-/4xdf48/-/ 1 KB
2 KB 27ms
26ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/3134380/-/4xdf48/-/scripts.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b92bc35384a190df4963836d1a16f0bbc6b1b13aa97a6a340fbd7ca2a0ef3d9d

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: e49ce51b40414d6a9150a8bdf3089d46
x-b3-traceid-primal: 6427c20964fb4990b5a179edc7c3b6f6
content-length: 1407
x-served-by: cache-lcy19262-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.487555,VS0,VE1
vary: User-Agent
content-language: en-GB
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 helper.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/1953858/-/oflr9kz/-/ 6 KB
6 KB 27ms
27ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953858/-/oflr9kz/-/helper.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: ec25dea94bb5d3a37b2122635902fcdade629ff9284a9f516a227d84c15ba456

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 4a8ec8c510b74f288bc9956cc2983035
x-b3-traceid-primal: 0dfa4d2423104b9684119b2ae939d955
content-length: 6357
x-served-by: cache-lcy19227-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630659.487699,VS0,VE1
vary: User-Agent
content-language: en
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 main-ck.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/1953860/-/oflr8wz/-/ 1 KB
2 KB 25ms
22ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953860/-/oflr8wz/-/main-ck.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 3042ba73f3735ab2c8aa60b662ea4b48a1904757b9c1a288eeac6135b64c8c05

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 94214187724c40c0aaf9f8a1e20d40dc
x-b3-traceid-primal: 40d8431dc64f4a258bbe3d3fcb4d7b55
content-length: 1408
x-served-by: cache-lcy19242-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514530,VS0,VE1
vary: User-Agent
content-language: en-US
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 scrollspy.js Show response
mobile.nation.co.ke/code/view/DailyNationMobile/-/3134378/-/4xdf3k/-/ 6 KB
6 KB 25ms
22ms Script
application/x-javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/3134378/-/4xdf3k/-/scrollspy.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 5daa8e00106b85bb3de8e5b2bf545b16cee20944364f932ad39d0082b22a579f

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 610fd99cb4854444bab2b433c38fb4c4
x-b3-traceid-primal: d80a7fe3cc064d59b02ee62c14214ce3
content-length: 6360
x-served-by: cache-lcy19275-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.514521,VS0,VE1
vary: User-Agent
content-language: en
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: application/x-javascript
x-cache-hits: 1, 1

GET
H2 200 v3.opta-widgets.js Show response
secure.widget.cloud.opta.net/v3/ 721 KB
191 KB 29ms
26ms Script
application/javascript 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 42025e5c6d8d9e0ddaa60745b330caac9195020523a46a408ccbd4e56caba5a7

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 13:48:45 GMT
server: AmazonS3
x-amz-request-id: 9D199784C5FE3046
etag: "84cc88abec269a552cf64641eaca9dcc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 194680
x-amz-id-2: 8M6JsjKWJJH4i+Q6o1wIujg7cLgXUw8iSs3qXwBl+plyV+e3+zUeK9Xs0WClQ11HqIBmccJ3jEw=

GET
H2 200 main.d.js Show response
bc.marfeelcache.com/mobile.nation.co.ke/ 31 KB
10 KB 25ms
23ms Script
application/javascript 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.marfeelcache.com/mobile.nation.co.ke/main.d.js
Requested by: Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c99c67f38936aa713e02df2807197d86efa84308a039e8baf88becf13befad8

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-encoding: br
x-b3-traceid: b26689d8eb944d1ab32fb6f4e65388c8
x-mrs-cache: REFRESHING
status: 200
x-mrs-age: 0
x-served-by: mshield-b-02, mshield-f-03, cache-jax20923-JAX, cache-fra19173-FRA
x-mrf-age: 0
edge-deliver-cache-control: public, max-age=61
x-mrf-item-lastmod: 0000000000
x-timer: S1584630660.514926,VS0,VE1
etag: W/"0f5cdfd82b8eb9d528f2f58a316e10b45"
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin, Date
cache-control: public, max-age=61
mrf-cache-status: R-RS
access-control-allow-headers: x-requested-with
x-cache-hits: 1, 1
date: Thu, 19 Mar 2020 15:10:59 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-mrf-section-lastmod: 0000000000
x-mrf-lastmod: 0
x-cache: HIT, HIT
x-mrf-rendered: 1584625614697
x-b3-traceid-primal: 029302a429e24852b76139d2b1795b6a
content-length: 9457
x-mshield-cache-status: REFRESHING
x-mrf-type: SECTION
server: nginx
x-mrf-shard: 2
x-mrs-cache-hits: 0
accept-ranges: bytes
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 104ms
26ms Script
text/javascript 143.204.202.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-82.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 13:44:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 782762
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
X-Amz-Cf-Id: bMaSnRiopBQIvx3JU8qy8sKymn7L7gHlmU8231eHd7SJOT9A2rhsXQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1030601-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1944
date: Thu, 19 Mar 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 19 Mar 2020 16:38:35 GMT

GET
H2 200 index.html Show response
mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/ 46 KB
12 KB 22ms
22ms XHR
text/html 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953852/-/oflr9qz/-/jquery-1.10.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 50289747be14a95dea55f5ee1041c07f727770a649915f942522590c0b3801b2

Request headers

Accept: */*
Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, MISS, HIT
status: 200
x-b3-traceid: 44278a726843403ca79119cab315c4c1
x-b3-traceid-primal: 5e1569db61fc45c3a80112f2f0893eba
content-length: 12374
x-served-by: cache-lcy19257-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.511648,VS0,VE0
vary: Accept-Encoding, User-Agent
content-language: en-US
via: 1.1 varnish
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: MH
content-type: text/html;charset=UTF-8
x-cache-hits: 0, 1

GET
H2 200 sprite.png
mobile.nation.co.ke/image/view/-/1953834/data/559758/-/ap8fff/-/ 4 KB
4 KB 23ms
23ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/image/view/-/1953834/data/559758/-/ap8fff/-/sprite.png?format=xhtml
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 5a1c8ab9c65a636c6e0904ed796ee77ab8a7b60f236380c5b7f3edc2d3be90d8

Request headers

Referer: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/mainnew-v1.2.2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: MISS from mobile.nation.co.ke, HIT
fastly-io-info: ifsz=4741 idim=171x45 ifmt=png ofsz=3852 odim=171x45 ofmt=webp
status: 200
x-b3-traceid: b170b403529e4db781eb870070ae6e54
fastly-stats: io=1
content-length: 3852
x-served-by: cache-fra19179-FRA
x-b3-traceid-primal: 5ef6b8dca1ba4386922850e36a4b52e8
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.530657,VS0,VE1
etag: "yPbtQBYMDyc2WK5AwPnm62uks8YLgQh4EAnimqEc8/s"
vary: Accept, User-Agent
content-language: en
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: H
content-type: image/webp
x-cache-hits: 1

GET
H2 200 ColfaxWebRegular.woff
mobile.nation.co.ke/nationmedia/css/fonts/ 53 KB
50 KB 23ms
23ms Font
application/x-font-woff 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/nationmedia/css/fonts/ColfaxWebRegular.woff
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 09676704908b85448b5906149e906b4190d9d7797cf254f6919e80f44e2841c3

Request headers

Referer: https://mobile.nation.co.ke/nationmedia/css/fonts/fonts.css
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, MISS, HIT
status: 200
x-b3-traceid: 179e4dfe53524b4f964289b6e2b3d8bb
x-b3-traceid-primal: 2efe17bc21244185abff710bd602ca96
content-length: 51496
x-served-by: cache-lcy19255-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.530925,VS0,VE1
vary: Accept-Encoding, User-Agent
content-type: application/x-font-woff
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: RS
x-cache-hits: 0, 1

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 165 KB
60 KB 78ms
30ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
178 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=mobile.nation.co.ke

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 242 B
514 B 117ms
101ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nation.co.ke&domain=mobile.nation.co.ke&path=%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45bcc9239480ef508d3c8f3c760c86a03b6924a675874d39d1da825010501a07

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 193
x-served-by: cache-hhn4081-HHN
access-control-allow-origin: *
x-timer: S1584630660.553657,VS0,VE95
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 17 Mar 2020 15:10:59 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1473550051&t=pageview&_s=1&dl=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Fin...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_gid=1471974779.1584630660&gjid=924814918&_v=j81&z=609933402
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_v=j81&z=609933402
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_v=j81&z=609933402&slf_rd=1&random=3069900300

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_v=j81&z=609933402&slf_rd=1&random=3069900300

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:10:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:10:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1030601-4&cid=1911570093.1584630660&jid=1138218907&_v=j81&z=609933402&slf_rd=1&random=3069900300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 84ms
22ms Image
image/gif 99.86.3.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&time=1584630659610&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.google.com%2F&host_url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&random_number=16676178734&sess_cookie=6275986e170f358fa1aaf02556c&sess_cookie_flag=1&user_cookie=6275986e170f358fa1aaf02556c&user_cookie_flag=1&dynamic=true&domain=nation.co.ke&account=7CIsk1acBb00OC&jsv=20130128&user_lang=en-US
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-128.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 19 Mar 2020 12:02:18 GMT
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified: 20110117123941
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 41448
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: V8TxHwkvPWryEB2ByBMa94fABNOssH6jCrm6Krhunqk0Gdc7ntuyUA==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
11 KB 283ms
283ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1757419936386997&correlator=4394111287443320&output=ldjh&impl=fif&adsid=NT&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200319&iu_parts=1010816%2CZ-DN-Mobile-Africa-Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cookie_enabled=1&bc=31&abxe=1&lmt=1584630659&dt=1584630659661&dlt=1584630659301&idt=343&frm=20&biw=1600&bih=1200&oid=3&adxs=525&adys=98&adks=427714100&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ref=https%3A%2F%2Fwww.google.com%2F&dssz=29&icsg=16728042&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=550x250&msz=550x250&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

78731e752ca514752d27614d58f4d9fe3df34143dd798c696ec5aa286fb854c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10256
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobile.nation.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 32ms
32ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ColfaxWebBold.woff
mobile.nation.co.ke/nationmedia/css/fonts/ 48 KB
47 KB 24ms
23ms Font
application/x-font-woff 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile.nation.co.ke/nationmedia/css/fonts/ColfaxWebBold.woff
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 07470d619f47967ccebfd3e54b4ced0578e12a538b37fb988f900351e11dd996

Request headers

Referer: https://mobile.nation.co.ke/nationmedia/css/fonts/fonts.css
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, MISS, HIT
status: 200
x-b3-traceid: 67f2ffaf21ae4a9eb6aee6dd2ca42ef6
x-b3-traceid-primal: 1c17ced827cf4032bbc8b92ad0122c6b
content-length: 47430
x-served-by: cache-lcy19220-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.682618,VS0,VE1
vary: Accept-Encoding, User-Agent
content-type: application/x-font-woff
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: RS
x-cache-hits: 0, 1

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 18ms
18ms Font
application/octet-stream 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
cf-cache-status: HIT
age: 4292834
cf-ray: 57681f96fe8f64fd-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 77160
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Tue, 09 Mar 2021 15:10:59 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
10 KB 637ms
637ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1757419936386997&correlator=4394111287443320&output=ldjh&impl=fif&adsid=NT&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200319&iu_parts=1010816%2Cz-mobile-article-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cust_params=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cookie_enabled=1&bc=31&abxe=1&lmt=1584630659&dt=1584630659690&dlt=1584630659301&idt=343&frm=20&biw=1585&bih=1200&oid=3&adxs=643&adys=1140&adks=233358630&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ref=https%3A%2F%2Fwww.google.com%2F&dssz=34&icsg=549822726058&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=550x250&msz=300x-1&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b9635c09e3af313d624d7bfb2faca2e2346756abe1721e689c78b6d7cdbb4c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10214
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobile.nation.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 423 B
450 B 389ms
389ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1757419936386997&correlator=4394111287443320&output=ldjh&impl=fif&adsid=NT&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200319&iu_parts=1010816%2CZ-DN-Mobile-300x250-Article-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x50%7C320x100%7C336x280&prev_scp=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cust_params=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cookie_enabled=1&bc=31&abxe=1&lmt=1584630659&dt=1584630659702&dlt=1584630659301&idt=343&frm=20&biw=1585&bih=1200&oid=3&adxs=518&adys=2212&adks=906288578&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ref=https%3A%2F%2Fwww.google.com%2F&dssz=36&icsg=549822726058&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=550x250&msz=550x250&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5ff06695bdf7e7103442633bedc3739b76f3f62662eac7b9babc35c949a59567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mainnew-v1.2.2.css
mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/ 37 KB
37 KB 23ms
23ms Image
text/css 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/mainnew-v1.2.2.css
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/mainnew-v1.2.2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
status: 200
x-b3-traceid: 8de5b7e3ef6347ffa102f6ed3be13db2
x-b3-traceid-primal: 046f9304a206485ab5271c8a678786fd
content-length: 6912
x-served-by: cache-lcy19244-LCY, cache-fra19179-FRA
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.722835,VS0,VE0
vary: Accept-Encoding, User-Agent
content-language: en-US
via: 1.1 varnish
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HS
content-type: text/css
x-cache-hits: 1, 3

GET
H2 200 mailchimpBG3.jpg
mobile.nation.co.ke/image/view/-/4372150/data/1929076/-/va0uqd/-/ 11 KB
12 KB 84ms
83ms Image
image/webp 151.101.14.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile.nation.co.ke/image/view/-/4372150/data/1929076/-/va0uqd/-/mailchimpBG3.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: de4d39d697730b1b7085d38fc92adfe4bab7f16e6aee24d50b481d32b26ccff1

Request headers

Referer: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/4093698/-/lee3lp/-/mainnew-v1.2.2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
x-mrf-section-lastmod: 0000000000
x-cache: HIT from mobile.nation.co.ke, HIT, HIT
fastly-io-info: ifsz=10746 idim=610x335 ifmt=jpeg ofsz=11752 odim=610x335 ofmt=webp
status: 200
x-b3-traceid: ea7ed01033d040368a395225aded7729
fastly-stats: io=1
content-length: 11752
x-served-by: cache-lcy19262-LCY, cache-fra19179-FRA
x-b3-traceid-primal: 3419a2b81f9a4ccd9a0b3d7b34110ebc
accept-ranges: bytes
mrf-tech: CDN
x-mrf-item-lastmod: 0000000000
server: Apache
x-timer: S1584630660.722818,VS0,VE61
etag: "JnrcLffbeStD/F8x2f4tx6IgyeOnvcvm2htOWwb695A"
vary: Accept, User-Agent
content-language: en
cache-control: public, max-age=60, stale-if-error=2592000
x-ua-compatible: IE=Edge,chrome=1
mrf-cache-status: HH
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
10 KB 743ms
743ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1757419936386997&correlator=4394111287443320&output=ldjh&impl=fif&adsid=NT&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200319&iu_parts=1010816%2CZ-DN-Mobile-300x250-Article-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cookie_enabled=1&bc=31&abxe=1&lmt=1584630659&dt=1584630659725&dlt=1584630659301&idt=343&frm=20&biw=1585&bih=1200&oid=3&adxs=518&adys=3724&adks=2620078490&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ref=https%3A%2F%2Fwww.google.com%2F&dssz=38&icsg=549822726058&std=0&csl=88&vis=1&dmc=8&scr_x=0&scr_y=0&psz=550x265&msz=300x-1&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&fws=0&ohw=0&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7e422300babfa91eaebf514d0fcf73a3e51b2a1555830af6cca17af49de1e1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9990
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobile.nation.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK stf.js Show response
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/ 15 KB
6 KB 68ms
22ms Script
text/javascript 95.101.184.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/stf.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-183.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b8ffc0a76bb58e58b2c425cec853638569574c95fa68587c549ac5250e341d66

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 19 Mar 2020 15:10:59 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 18 Dec 2019 12:04:27 GMT
ETag: 85b7961e7ae09df9aa8c58302224be8e
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1576670666.12595
Cache-Control: public, max-age=219797
Content-Length: 5206
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txb10d9c0d22a247cea31ea-005e6f627cdfw1
Expires: Sun, 22 Mar 2020 04:14:16 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
396 B 849ms
849ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1757419936386997&correlator=4394111287443320&output=ldjh&impl=fif&adsid=NT&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200319&iu_parts=1010816%2CDN_320x50_STICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&cust_params=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cookie_enabled=1&bc=31&abxe=1&lmt=1584630659&dt=1584630659741&dlt=1584630659301&idt=343&frm=20&biw=1585&bih=1200&oid=3&adxs=633&adys=1150&adks=2528168007&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ref=https%3A%2F%2Fwww.google.com%2F&dssz=48&icsg=2199290904234&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bbb689171a57b1eb95ef20676cecf058360206cd4753d89e6155e2f4f57575a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 218
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 404 B
392 B 890ms
890ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1757419936386997&correlator=4394111287443320&output=ldjh&impl=fif&adsid=NT&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200319&iu_parts=1010816%2CZ-DN-RoadBlock&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cust_params=url%3Dnews%26url2%3DSh51m-fraud-suspect-held-for-four-days&cookie_enabled=1&bc=31&abxe=1&lmt=1584630659&dt=1584630659745&dlt=1584630659301&idt=343&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=4360&adks=397188472&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ref=https%3A%2F%2Fwww.google.com%2F&dssz=50&icsg=2199290904234&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x4296&msz=1585x1&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&fws=0&ohw=0&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d328a8d4222680e6c710a368323979d8baadeac4771127b47a92df5b5cbfb709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0300a3520992d8a0cf09c53931d878241d30e517e2ae34ee2d8abfa4ad99d600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fjJJsMpt3yElsFaJkap/yw==
status: 200
date: Thu, 19 Mar 2020 15:10:59 GMT, Thu, 19 Mar 2020 15:10:59 GMT
expires: Thu, 19 Mar 2020 15:20:03 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 1781
x-fb-debug: DEPx7zislW+wl/ZxV+450Ndntt++rWO2KHvevTa9ck+wMSS3pm2U5LxlGvGSEBveGO0vmVANHZKwTAwfKbspeg==
x-fb-trip-id: 420120009
x-fb-content-md5: 0e64d99db9206539bef0ce81d7a002df
etag: "397dd5f1922323a3709920c0503e5921"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/nationmediagroup-dailynation/ 100 KB
20 KB 68ms
22ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/nationmediagroup-dailynation/loader.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f506ee3d335c8a083070180d8aefb7d5812afbeb9752e9254457c5f5278d1d17

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 7XPS8vGgt.m3qUuB0inucRKLfSmhKzXt
content-encoding: gzip
age: 29
x-cache: HIT
status: 200
date: Thu, 19 Mar 2020 15:10:59 GMT
content-length: 20279
x-amz-id-2: cq+egFNJSWMp3hmR16PcRnyX5Qv8HmChhQ6cAybMM/YGzuUViTwnlVy/4Mgk9e0BZSjO+eO8RYk=
x-served-by: cache-fra19131-FRA
last-modified: Wed, 18 Mar 2020 10:38:42 GMT
server: AmazonS3
x-timer: S1584630660.801236,VS0,VE1
etag: "f49cb6cee5902c802e32287af977917a"
vary: Accept-Encoding
x-amz-request-id: A0AAFCF61F1F42CA
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 48
x-cache-hits: 1

GET
H/1.1 200
OK 99f943cab373e138244a9f28cd6bde24 Show response
ggblmmkf.uuxnwoevyb.com/ 103 KB
35 KB 248ms
130ms Script
application/javascript 99.86.3.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ggblmmkf.uuxnwoevyb.com/99f943cab373e138244a9f28cd6bde24
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-20.fra6.r.cloudfront.net
Software: /
Resource Hash: 01baa205334355716be8e2b3d4f49a45ab52caabf08f42d7fdc7e888a0630a58

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

P-Country: BE
Date: Thu, 19 Mar 2020 15:10:59 GMT
Content-Encoding: gzip
P-Timetook: 8
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront
P-Region: us-east-1a
Connection: keep-alive
Request-Id: bppon0vkd17000agiji0
P-Assettype: JS_APP
X-Amz-Cf-Id: DaRK4ZTzWzHKRhY1EgA2uBIfnwDLH8WdZkmtg4H4fQ7wOk9s_GgkQA==
P-Ip: 82.102.19.133
Vary: Origin
Content-Type: application/javascript
Via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: JjSBEjLaMkPuCQTR, User-Id, Request-Id, Adsource-Id
Cache-Control: public, max-age=1800
Content-Length: 35361
P-User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
P-Assetversion: 2020.03.04-16.15-197ea73

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflJMmkZC/ 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflJMmkZC/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6513766c0974fcef7b28cd5adceb151659a74a329197f96ce33b53f8bfbec14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 01:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134911
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13475
x-xss-protection: 0
last-modified: Tue, 17 Mar 2020 22:35:23 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 26 Mar 2020 01:42:28 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 8ms
8ms Script
application/x-javascript 2600:9000:2057:7400:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7400:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 92a3a79c64f777aa63d0d7ffe31e49c3fb9c15b207257071f482533864d0b43a

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 13:49:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:09:28 GMT
server: nginx
age: 4890
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: h8YHwkIhsrWRqzTmPUbqUtZC9sPrbN4ulDRTfz3xByhALHRKR9haJg==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
expires: Thu, 19 Mar 2020 15:49:29 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 48 KB
18 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91772941c245b12f8fcb8447413a0d7ceb9864bf67147894775ea9062c59f82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-HD0u4dgCOuPThtxK9bUaQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "7208491ced726c2d16c8da79ffd8e90e"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/ 224 KB
84 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 85397
x-xss-protection: 0
server: cafe
etag: 2345445785748755544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/ Frame BD56 0
0 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 17 Mar 2020 01:35:31 GMT
expires: Tue, 31 Mar 2020 01:35:31 GMT
content-type: text/html; charset=UTF-8
etag: 17714563530871986051
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4497
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 221728
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 v3_11b2b9ec8f805a62b48ae6b59caf131a.json Show response
secure.widget.cloud.opta.net/subscriptions/ 3 KB
1 KB 34ms
33ms Script
application/javascript 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/subscriptions/v3_11b2b9ec8f805a62b48ae6b59caf131a.json
Requested by: Host: secure.widget.cloud.opta.net
URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 97bacb09dd91b77761a3a5e7dabf4a3344cfeced24609a1bbc114fb1f195ca51

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Tue, 15 Jan 2019 23:29:42 GMT
server: AmazonS3
x-amz-request-id: 676A8B3A484F7A51
etag: "241dfd515ae7af4cd0404f03e9f6fb19"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
content-length: 869
x-amz-id-2: DZQkyxDaFxEyJjn8vwQ7Gh0f08VTjJurLzBlRUHy0YJJQc3ySE4yMK2XVcvMlEW50SzfOMm58lU=

GET
H2 200 en-gb.js Show response
secure.widget.cloud.opta.net/v3/lib/moment-locale/ 1 KB
1 KB 27ms
27ms Script
application/javascript 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/v3/lib/moment-locale/en-gb.js?v=3.30.0
Requested by: Host: secure.widget.cloud.opta.net
URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 77a82730d99d5dda98abbdc95b9690b404ca8de98102c61327b2b51b9bf85cce

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 13:48:27 GMT
server: AmazonS3
x-amz-request-id: 2EC7822302395208
etag: "b3e2c9bc37e87e4f1235ddcae4b81606"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 759
x-amz-id-2: rIuLHxHCJWhZS4F7nMVWDgKCK5buIAfBrV36HQk+p5Stz+jCQmzr7R6b7vgUhUY/JqDii6yhEUY=

GET
H2 200 Africa-Nairobi.js Show response
secure.widget.cloud.opta.net/data/tz/ 487 B
550 B 30ms
30ms Script
application/x-javascript 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/data/tz/Africa-Nairobi.js
Requested by: Host: secure.widget.cloud.opta.net
URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7e8d9c99d5e2afc76174003ba659d8500f09e456726685a587692f0555867ed8

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 09:30:54 GMT
server: AmazonS3
x-amz-request-id: A19DE98A6941290A
etag: "50d79ce6ca8366d086eb6fafbb877ebb"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 262
x-amz-id-2: X54gN6Goe2bN0B60MptL55VgLnM1G9KFhhYCPP81fvBD4Gu1nae+yrSR7KDuwapdrn2zj+09dcc=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 392 KB
114 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1a038bf1955664e746541f27ac767243&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8b8617d3f8833b414dd18b2e2a04a314e3c55fc8d6285e9c7620d95a3b58ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QzDdW9jrIHus+SEFsaT1WQ==
status: 200
date: Thu, 19 Mar 2020 15:10:59 GMT, Thu, 19 Mar 2020 15:10:59 GMT
expires: Fri, 19 Mar 2021 15:00:03 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 115878
x-fb-debug: 4ww5OSulCG0dOxzWl2kTLICp64Qss6EdvkptxF9aGdAzh6aZmTCVCbTnJvkOySMDe+5hIVcBRZjVPijmvGWmfw==
x-fb-trip-id: 2000377899
x-fb-content-md5: ce65be002964a0bf21ddcf9e56f33fd1
etag: "7dd553ff26d12c1e8ba990dbd13b3e9a"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 204
No Content p
ingestion.contentinsights.com/ 0
115 B 321ms
114ms Image
text/plain 52.202.215.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/p?a=JOSEPH%20WANGUI&b=https%3A%2F%2Fwww.google.com%2F&c=Sh51m%20fraud%20suspect%20held%20for%20four%20days&d=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&e=News&f=1714&g=2020-03-07%2016%3A10%3A00&h=fraud%20suspect%2C%20JKIA%2C%20Jomo%20Kenyatta%20International%20Airport%2C%20forex%20consultant%2C%20Emmanuel%20Mulinge%20Maundu%2C%20Nancy%20Nanzushi&i=&j=&k=&l=&m=&pid=5481714&u=1584630659862.583331126.5458343&ul=1584630659862.692355810.3833855&x=0.7419239997500682&t=0&err=&ver=14
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.215.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-215-150.compute-1.amazonaws.com
Software: akka-http/10.0.11 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Connection: keep-alive
Date: Thu, 19 Mar 2020 15:11:00 GMT
Server: akka-http/10.0.11

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/ 140 KB
49 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b45790f58b5d8c376ea8320617b5defa1c88576b7b8df5abf1337a758adba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 16:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Jan 2020 20:40:07 GMT
server: sffe
age: 513224
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 50234
x-xss-protection: 0
expires: Sat, 13 Mar 2021 16:37:15 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 334ms
120ms Image
image/gif 52.3.43.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nation.co.ke&p=%2F5481714&u=7qmVVDrkQR1CzdajG&d=mobile.nation.co.ke&g=63208&g0=news&g1=JOSEPH%20WANGUI&n=1&f=00001&c=0&x=0&m=0&y=4830&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fwww.google.com%2F&b=1072&t=DvH7Y4C-OnHErG_2LCnc2KumMYx0&V=118&i=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&tz=-60&sn=1&sv=DDZ-03DFdxNvD47q_aCuEuXLUoL5u&sr=https%3A%2F%2Fwww.google.com%2F&sd=1&im=06030ffa&_
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.43.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-43-12.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Thu, 19 Mar 2020 15:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H2 200 impl.20200315-35-RELEASE.js Show response
cdn.taboola.com/libtrc/ 445 KB
126 KB 24ms
23ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nationmediagroup-dailynation/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 180d0b4abb228f7a8a1c979259041539d5af9db809a6fc02338feb2ceee96634

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: ec0Hn9tNpNjUQkSU0dihT0e7pvNZjqym
content-encoding: gzip
age: 103
x-cache: HIT
status: 200
date: Thu, 19 Mar 2020 15:10:59 GMT
x-amz-replication-status: COMPLETED
content-length: 128752
x-amz-id-2: dxjCKDbN54XPm8gErpYY3ulGI0bBxKBeYVDYjrjfGQJi4FRsx1la7GYmlfc9cDhkAvJNnbNNkco=
x-served-by: cache-fra19131-FRA
last-modified: Mon, 16 Mar 2020 07:48:07 GMT
server: AmazonS3
x-timer: S1584630660.901773,VS0,VE0
etag: "7b9030df4626f0e70fc7db5ace750ce4"
vary: Accept-Encoding
x-amz-request-id: CA15C50E98E583AA
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 38
x-cache-hits: 1009

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 79ms
26ms Script
application/x-javascript 104.74.100.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nationmediagroup-dailynation/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-100-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 19 Mar 2020 15:10:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 20 Mar 2020 15:10:59 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 24A0 0
0 75ms
73ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0846142691248784&output=html&adk=3046330955&adf=2044148826&lmt=1584630659&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584630659809&bpp=13&bdt=508&fdt=91&idt=92&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=926091186532&frm=20&pv=2&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&ga_fc=0&iag=0&icsg=4490389023244284&dssz=84&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060078&oid=3&pvsid=1757419936386997&ref=https%3A%2F%2Fwww.google.com%2F&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0846142691248784&output=html&adk=3046330955&adf=2044148826&lmt=1584630659&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584630659809&bpp=13&bdt=508&fdt=91&idt=92&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=926091186532&frm=20&pv=2&ga_vid=1911570093.1584630660&ga_sid=1584630660&ga_hid=1473550051&ga_fc=0&iag=0&icsg=4490389023244284&dssz=84&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060078&oid=3&pvsid=1757419936386997&ref=https%3A%2F%2Fwww.google.com%2F&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Mar 2020 15:11:00 GMT
server: cafe
content-length: 852
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Mar-2020 15:25:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 19 Mar 2020 15:11:00 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c1ca71fa82f349d1bb2b27ca3bddac4edc6de87e4bc7f963892d64c766368b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584546268461058"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27525
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2 200 subscriptions_6.js Show response
secure.widget.cloud.opta.net/v3/bin/ 1020 B
787 B 23ms
23ms Script
application/javascript 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/v3/bin/subscriptions_6.js?v=3.30.0
Requested by: Host: secure.widget.cloud.opta.net
URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: be0e109552debcc662723934bf2097b0d700b49448cedf92c0aef3902a69617f

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:10:59 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 13:48:18 GMT
server: AmazonS3
x-amz-request-id: F9F19041DE02A37F
etag: "73b9fedc029a2db2324a3b2b110c4f4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 488
x-amz-id-2: u8mAv1KNyrZKDReMsLsv0EIEOt6FlP8xGrPnXY9NMJjynHVkrJbZuFq7ROS8fL34rseeeuGvN+o=

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ Frame 76F6 200 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1966
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55795
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a96964b23e387b31"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:38:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ Frame 76F6 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1966
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55795
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a96964b23e387b31"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:38:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame 76F6 16 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43ed58a47eaa7134ec3300ded45afc01af073084130eb90beeb389da9814deec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23372
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5727
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73b8fa958135ca02"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:41:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame 76F6 92 KB
28 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaad8e5b3abc10a8518e1f8dae5ecea96dc45db3c7461113c9b5f06902e0c50a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7744
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28323
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 13:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c55fc50a3cb141e2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 13:01:55 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame 76F6 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3f9cc6b1e1cd02649447c72d77f9cef2fc81cfdea5b47a20f507eed6483a31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23336
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1392
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:42:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d4f783c5765ebbae"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:42:03 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame 76F6 46 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad1368b0463703245ec260353fb66da9b8bef31a2468f8392c8eeea6a55cdda

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23372
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14845
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "688737a9eb3f24de"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:41:27 GMT

GET
DATA 200
OK truncated
/ Frame 76F6 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10cb3aada47cb64eb8ebb1dc871492eb66144a651950362ba48133c9e30aa2d3

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ 20 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa58b512176de3de4ee84324c9cb545d4ee79937b6a3518af6ed1a5e61378db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2352
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7159
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:31:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8d5b3500a9fa769d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:31:47 GMT

GET
H2 200 17539095426042508141
tpc.googlesyndication.com/simgad/ Frame 76F6 62 KB
62 KB 8ms
7ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17539095426042508141?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlHJfN8PgmMsk1xiIE-VZn6lZUh_A

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b39d8fb0047eb0eb2faaa07123395819a4dd20c384ba524f5609ea956ef0e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 20:33:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2019 01:26:23 GMT
server: sffe
age: 239825
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 63105
x-xss-protection: 0
expires: Tue, 16 Mar 2021 20:33:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76F6 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14521
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Mar 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76F6 295 B
404 B 7ms
7ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 12:55:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 8138
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Mar 2020 12:55:21 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 76F6 0
0 52ms
52ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_PBrg4tzXu_GK4PjgQeXkpSgDomAtfRa4svQmdwKtuzs7K4JEAEg4L3pH2C56L6A1AGgAcjBjMUDyAEC4AIAqAMByAMIqgSsAk_QjysYtTOoUFZTUQOUYGFe4Jt5wsFaodXkmz8Bh19sGnAFl6aues6CeGEvh_rCQH5OxI5BZeargOCXRRLnOC8exh6U797y8WcW8F9cY6QYn4fjEY_o3-mlnSYQj4Qp---7NC3bIR4jmboytkmEnq8q9iCGtu_D6UgzSErtTOthWGkZTwzkguSB-hVRhdAfpz6ZLK1KkC8r70UHqvokdDu_2X2bjD6k2VU38JRn2JqOVXvSlbCgDbtjHMyBGL9J0maM5CXN7Yf-ylvm1OdJkTgWpocAaV1o9C5mTB3roXQEqZrW5rSxAPKy1zqGl02ALwGP7OGPYg6miiHLPYWax02lRZWmWKCjHwHLnH_oEGZ_TFOPH9a0z_SvrILokJ24-bVKD42mWdXoWMe0DsAEh6-86vIC4AQBkgUECAQYAZIFBAgFGASgBgKAB4Co7IUBqAeOzhuoB9XJG6gHk9gbqAef2xuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQy-ME0ggJCIDhgBAQARgdgAoDyAsB2BMM&sigh=X7tXwa5CWuc&tpd=AGWhJmttqFsr7uubkJcAoloH2fIjlyFcW2pXeDO68ltGCgg1zg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 json Show response
trc.taboola.com/nationmediagroup-dailynation/trc/3/ 28 KB
10 KB 312ms
254ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nationmediagroup-dailynation/trc/3/json?tim=16%3A11%3A00.020&lti=deflated&data=%7B%22id%22%3A910%2C%22ii%22%3A%22%2Fnews%2Fsh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584630660016%2C%22cv%22%3A%2220200315-35-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fwww.google.com%2F%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A18%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4020.359375%2C%22mw%22%3A550%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 019c0b2e6985977e453cedf5d8da74d65ccfd87b304184160d92402fa91967d7

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-vcl-time-ms: 229
date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-hhn4071-HHN
server: nginx
x-timer: S1584630660.090421,VS0,VE229
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584630660058&ns_c=UTF-8&cv=3.5&c8=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584630660058&ns_c=UTF-8&cv=3.5&c8=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&c7=https%3A%2F%2...

0
248 B

45ms
45ms

Image
text/plain

104.74.100.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584630660058&ns_c=UTF-8&cv=3.5&c8=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&c7=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&c9=https%3A%2F%2Fwww.google.com%2F
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-100-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Mar 2020 15:11:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584630660058&ns_c=UTF-8&cv=3.5&c8=Sh51m%20fraud%20suspect%20held%20for%20four%20days%20-%20Daily%20Nation&c7=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&c9=https%3A%2F%2Fwww.google.com%2F
Pragma: no-cache
Date: Thu, 19 Mar 2020 15:11:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 2_zQqLQZ8bU-27nT1-IBouTP1ubK2uXT1K4BreYAorPW27PTrrQ-rrbU1_0Z8f0Z8f0-vdLN1Mkqq80WrvU_p8sN18gy6uMKu7E-yLoSwe4r680K6e0pp7YJ2bQq69XP2LIqyLERz-8n3eU0xvUApNcX1Mgz3-UgpuA3yPkIwdg36-QGpu4_pNcWwdgv3eY1wvcqy... Show response
173jkou.mkcltwzhu.com/ 23 B
869 B 256ms
126ms XHR
application/json 99.86.3.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://173jkou.mkcltwzhu.com/2_zQqLQZ8bU-27nT1-IBouTP1ubK2uXT1K4BreYAorPW27PTrrQ-rrbU1_0Z8f0Z8f0-vdLN1Mkqq80WrvU_p8sN18gy6uMKu7E-yLoSwe4r680K6e0pp7YJ2bQq69XP2LIqyLERz-8n3eU0xvUApNcX1Mgz3-UgpuA3yPkIwdg36-QGpu4_pNcWwdgv3eY1wvcqyevOwsUIpc8GpbIruegVw_sipc00w_YsyPkLz9PW5eMKx-0CtLYM2cfO5P0Z8bHSqrPRrbTOpbDdYDd?DMQMOUNYxYD42T=EzD
Requested by: Host: ggblmmkf.uuxnwoevyb.com
URL: https://ggblmmkf.uuxnwoevyb.com/99f943cab373e138244a9f28cd6bde24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-43.fra6.r.cloudfront.net
Software: /
Resource Hash: 9fdde15f2b553982d2c529ca9919e67bd48f116d669c7abe2cbbca51250848a9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

P-Country: BE
Date: Thu, 19 Mar 2020 15:11:00 GMT
Via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
P-Timetook: 0
Request-Id: bppon10gdrfg00cmohn0
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront
Connection: keep-alive
P-Region: us-east-1a
Content-Length: 23
P-Ip: 82.102.19.133
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://mobile.nation.co.ke
Access-Control-Expose-Headers: JjSBEjLaMkPuCQTR, User-Id, Request-Id, Adsource-Id
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
P-User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Amz-Cf-Id: eupHTJFrJhkLys4LBPUADBtymW7lBHB2dsDFpiCDYWs9ftrvsLmLlA==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 76F6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Thu, 19 Mar 2020 15:11:00 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 v3.app.opta-widgets.js Show response
secure.widget.cloud.opta.net/v3/ 158 KB
44 KB 32ms
31ms Script
application/javascript 23.37.42.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.widget.cloud.opta.net/v3/v3.app.opta-widgets.js
Requested by: Host: secure.widget.cloud.opta.net
URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.42.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 68acb1dbd74cdd7d263b1d894077e1a737c18a1d546f7bbb8290cc6e369e1bd6

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 13:48:45 GMT
server: AmazonS3
x-amz-request-id: B7DB2359C15569E1
etag: "921572d042bc0971f15d2114d024566d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 44940
x-amz-id-2: 3H4gWDyjLrXhN0gT3Hxpi2bo0IlWSoboSfqtBFKsUlByKhC1SurYRyERqYhMUN1ZN6GkqVMzO3A=

GET
H2 200 17539095426042508141
tpc.googlesyndication.com/simgad/ Frame 76F6 62 KB
62 KB 6ms
5ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17539095426042508141?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlHJfN8PgmMsk1xiIE-VZn6lZUh_A

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b39d8fb0047eb0eb2faaa07123395819a4dd20c384ba524f5609ea956ef0e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 20:33:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2019 01:26:23 GMT
server: sffe
age: 239826
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 63105
x-xss-protection: 0
expires: Tue, 16 Mar 2021 20:33:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76F6 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14522
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Mar 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76F6 295 B
363 B 8ms
8ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 12:55:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 8139
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Mar 2020 12:55:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.widget.cloud.opta.net
URL: https://secure.widget.cloud.opta.net/v3/v3.opta-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1945
date: Thu, 19 Mar 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 19 Mar 2020 16:38:35 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 76E8 264 KB
90 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ggblmmkf.uuxnwoevyb.com
URL: https://ggblmmkf.uuxnwoevyb.com/99f943cab373e138244a9f28cd6bde24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34922bc830fe07b84412052407d933809cf522f9ba778b2511fe7575a0e3486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 91752
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:11:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 76E8 29 B
93 B 5ms
5ms Script
text/javascript 2a00:1450:4001:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: ggblmmkf.uuxnwoevyb.com
URL: https://ggblmmkf.uuxnwoevyb.com/99f943cab373e138244a9f28cd6bde24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:01:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 544
content-type: text/javascript
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 29
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:16:56 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ Frame F12B 200 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1967
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55795
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a96964b23e387b31"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:38:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ Frame F12B 200 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1967
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55795
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a96964b23e387b31"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:38:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame F12B 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43ed58a47eaa7134ec3300ded45afc01af073084130eb90beeb389da9814deec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23373
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5727
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73b8fa958135ca02"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:41:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame F12B 92 KB
28 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaad8e5b3abc10a8518e1f8dae5ecea96dc45db3c7461113c9b5f06902e0c50a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7745
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28323
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 13:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c55fc50a3cb141e2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 13:01:55 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame F12B 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3f9cc6b1e1cd02649447c72d77f9cef2fc81cfdea5b47a20f507eed6483a31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23337
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1392
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:42:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d4f783c5765ebbae"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:42:03 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame F12B 46 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad1368b0463703245ec260353fb66da9b8bef31a2468f8392c8eeea6a55cdda

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23373
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14845
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "688737a9eb3f24de"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:41:27 GMT

GET
H2 200 17539095426042508141
tpc.googlesyndication.com/simgad/ Frame F12B 62 KB
62 KB 7ms
7ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17539095426042508141?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlHJfN8PgmMsk1xiIE-VZn6lZUh_A

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b39d8fb0047eb0eb2faaa07123395819a4dd20c384ba524f5609ea956ef0e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 20:33:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2019 01:26:23 GMT
server: sffe
age: 239826
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 63105
x-xss-protection: 0
expires: Tue, 16 Mar 2021 20:33:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F12B 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14522
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Mar 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F12B 295 B
359 B 10ms
10ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 12:55:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 8139
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Mar 2020 12:55:21 GMT

GET
DATA 200
OK truncated
/ Frame F12B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f22ed72d2e0cdf91fc3d4a2d9dd855b45fab17d4944cba7625afecf266c4b2

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F12B 0
0 34ms
34ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrGW5hItzXqjABNTE7gPalLUQiYC19Friy9CZ3Aq27OzsrgkQASDgvekfYLnovoDUAaAByMGMxQPIAQLgAgCoAwHIAwiqBKwCT9AX1SzU1myDQrIg6QXbKuv2Ad5RKiBEn8N66YT4Kfvvke-I6Nwk2y7fYSyg-8EyxVMUmcZ-5MmLq-U4uEd2WzkUi5ZoyzJLjaCOOaXttHlbt6IaFIVd-sHN4a0OssXV9TQS6Dxmo-oEyiict27KQcSs5-R-KGvgz19SbqlAUfg9VaIm1Ei8bRMixIu3i7WVjR0a6-L-zzjbm9NuLlC_SOKrQl3SFBRjwgK7ju5S4x7oOhyR7D9QiEVv7zLWYo-Oguj8FRcCUrRSKRCr5Nc7C7m-oCLpWOx5rLTl8Sp5Y2Z4EqFLfjlCLmCyHxFR58URszZ56zdN5F00RV9p2zctwdum-MBmSfgt_DpabPhTu9MDObPBGpIzJn4Z0yzA_jU3QYCwqcS2Vm73ptkdwASHr7zq8gLgBAGSBQQIBBgBkgUECAUYBKAGAoAHgKjshQGoB47OG6gH1ckbqAeT2BuoB5_bG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCf1ATSCAkIgOGAEBABGB2ACgPICwHYEww&sigh=u9t5Nd3zSdU&tpd=AGWhJmtrY7ArWGLbPc9CpjuhT8wx21bziVQXt1vvQbmcSqHhVg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 tb Show response
15.taboola.com/ 22 KB
22 KB 81ms
34ms Script
text/html 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=nationmediagroup-dailynation&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=https%3A%2F%2Fwww.google.com%2F&cirf=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&encoded=1&uid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&variant=-100|493365&callback=TRC.videoTagCallbacks.videoCallback1&cb=1584630660374&tagid=&cntry=BE&platform=1&sesid=1c9e7710e1678324237cd2e35ff2faae&itemid=/news/sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&viewid=1584630660016&geolat=&geoing=&deviceifa=&appid=&sd=v2_1c9e7710e1678324237cd2e35ff2faae_178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104_1584630660_1584630660_CAwQ5qVBGLD345qPLiABKAEwFjjqxgdA4YYQSPjwjAJQ____________AVgAYABo5YTr_anMs6vkAQ&ri=f442ae2da983665825fe611ebae62fb1&appname=&cdb=&gdprApplies=&rid=&sii=1061698278599889383&oee=true&tpubid=1069798&uis=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: befa8b01a8554b81b8290c55ba3da26b75b0f13920156d313fb4e4d08718ea24

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630660.429201,VS0,VE13
machineid: 1415
x-served-by: cache-hhn4079-HHN
x-cache: MISS
content-type: text/html;charset=ISO-8859-1
status: 200
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
x-cache-hits: 0
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 userx.20200315-35-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 27ms
24ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200315-35-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nationmediagroup-dailynation/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ac68802a814bb1744631cbe7d7b870fbc4e25d3dfdd5f45a2a5e55129c76940

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: xsP5wSYFAogc.gWzOFLxsxxkk5_igLzJ
content-encoding: gzip
age: 18
x-cache: HIT
status: 200
date: Thu, 19 Mar 2020 15:11:00 GMT
x-amz-replication-status: COMPLETED
content-length: 7712
x-amz-id-2: CNUnBDrGQ2gABQVkyDeS5rGQ1+ihTfAlupFYRPYiZG3Pf7e7xL3g2h2ojg/Dk00+pStYpXDdZnQ=
x-served-by: cache-fra19131-FRA
last-modified: Mon, 16 Mar 2020 07:48:14 GMT
server: AmazonS3
x-timer: S1584630660.386958,VS0,VE0
etag: "a42adc1d671d2398c6443eb0599ca8a6"
vary: Accept-Encoding
x-amz-request-id: 2FA10B3B681AECCF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 73
x-cache-hits: 47

GET
H2

204

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 2DAE
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go828t3jir

0
53 B

29ms
28ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go828t3jir
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630660.488210,VS0,VE9
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go828t3jir
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

200

match
match.zorosrv.com/ Frame 2DAE
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&tbid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&query=taboola_hm%3D9f1fdd3d-1091-...
https://match.zorosrv.com/match?tabid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&extuid=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&excid=218&query=taboola_hm%3D9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662

0
293 B

31ms
30ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&extuid=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&excid=218&query=taboola_hm%3D9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.604740,VS0,VE8
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
x-cache-hits: 0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-served-by: cache-hhn4079-HHN

Redirect headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.573025,VS0,VE9
location: https://match.zorosrv.com/match?tabid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&extuid=9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662&excid=218&query=taboola_hm%3D9f1fdd3d-1091-4b98-a7cb-ea50ae1ff662
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19176-FRA

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2DAE 0
239 B 105ms
27ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=fc925e73-8b84-4800-a475-9891b553a5b8&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-net...
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=RyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4%3D

45 B
106 B

53ms
53ms

Image
image/gif

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=RyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4%3D
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 24
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.711500,VS0,VE24
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=RyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4%3D
Date: Thu, 19 Mar 2020 15:11:00 GMT
Server: nginx
Connection: close
Etag: "RyWVrQzKYW5rLwqmHEx8i_XxZDZk15FMeXCFVnYKKr4="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=fc925e73-8b84-4800-a475-9891b553a5b8
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=fc925e73-8b84-4800-a475-9891b553a5b8

0
54 B

28ms
28ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=fc925e73-8b84-4800-a475-9891b553a5b8
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.545258,VS0,VE8
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Thu, 19 Mar 2020 15:11:00 GMT
Server: MT3 2187 76c51ad master zrh-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=fc925e73-8b84-4800-a475-9891b553a5b8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 19 Mar 2020 15:10:59 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Ns2IVuhGEfbk&ev=1&pid=562107

0
54 B

28ms
28ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Ns2IVuhGEfbk&ev=1&pid=562107
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630660.458017,VS0,VE8
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Ns2IVuhGEfbk&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-c96d8d657-rwgrv
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=vmyXINpHUSRltH9acLXY&pi=taboola&tc=1

0
52 B

28ms
27ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=vmyXINpHUSRltH9acLXY&pi=taboola&tc=1
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630660.476569,VS0,VE8
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Thu, 19 Mar 2020 15:11:00 GMT, Thu, 19 Mar 2020 15:11:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=vmyXINpHUSRltH9acLXY&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 2DAE 43 B
691 B 68ms
21ms Image
image/gif 185.33.223.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 19 Mar 2020 15:11:02 GMT
AN-X-Request-Uuid: 7897c3eb-0c09-408d-a880-3577f3bc8a9d
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELfz-pvpe2XD2H-OTRGDxdg&google_cver=1

0
54 B

28ms
27ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELfz-pvpe2XD2H-OTRGDxdg&google_cver=1
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630660.478401,VS0,VE8
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:11:00 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELfz-pvpe2XD2H-OTRGDxdg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 2DAE 43 B
690 B 17ms
17ms Image
image/gif 185.33.223.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 19 Mar 2020 15:11:02 GMT
AN-X-Request-Uuid: e359520f-ac4b-442a-aa49-63418a484ad0
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b1aa354b-610b-45fb-b8b9-4fddb77be5b6

0
54 B

29ms
29ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b1aa354b-610b-45fb-b8b9-4fddb77be5b6
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.616207,VS0,VE8
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:11:00 GMT
x-aspnet-version: 4.0.30319
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b1aa354b-610b-45fb-b8b9-4fddb77be5b6
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 2DAE
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
183 B

95ms
95ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Mar 2020 15:11:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.263261,VS0,VE9
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
expires: 0
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2DAE 35 B
380 B 410ms
106ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Thu, 19 Mar 2020 15:11:00 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 2DAE 0
176 B 281ms
92ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104&_r=936375
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 19 Mar 2020 15:11:00 GMT
cache-control: no-store
x-envoy-upstream-service-time: 1
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 2DAE
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=7072567428973934420&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6f872591-d926-482a-ab08-d42bd8098600

0
55 B

28ms
28ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6f872591-d926-482a-ab08-d42bd8098600
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.806316,VS0,VE8
x-served-by: cache-hhn4071-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

status: 302
date: Thu, 19 Mar 2020 15:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6f872591-d926-482a-ab08-d42bd8098600
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 e9930702cceded5fad3bd5b2c6daa285.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 25ms
23ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9930702cceded5fad3bd5b2c6daa285.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d26fab162048604ea173c52c7cb77e5baa55d19073bce450b2fd449e3f6b1881

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1045285
edge-cache-tag: 423966891668800850433990025861489566617,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 10 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9930702cceded5fad3bd5b2c6daa285.jpg
content-length: 13370
x-served-by: cache-dca17738-DCA, cache-dca17780-DCA, cache-fra19131-FRA
last-modified: Sat, 08 Feb 2020 08:25:18 GMT
server: cloudinary
x-timer: S1584630661.510098,VS0,VE1
etag: "b9569290ae531bc13da51b53776eb5ed"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 031.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//blogs.dailylifetech.com/b/g7smartwatch/401/ 25 KB
26 KB 25ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//blogs.dailylifetech.com/b/g7smartwatch/401/031.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 87926448eb83895e5962f8158621bfb3b8b047ea935061de6c1dd1f07c51cc18

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 864426
edge-cache-tag: 353840855292471540406062042232792321806,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//blogs.dailylifetech.com/b/g7smartwatch/401/031.jpg
content-length: 25935
x-request-id: e2a41a909e2cf1c9f3a9de3d36f67fac
x-served-by: cache-dca17720-DCA, cache-dca17723-DCA, cache-fra19131-FRA
last-modified: Sun, 23 Feb 2020 11:42:40 GMT
server: cloudinary
x-timer: S1584630661.519870,VS0,VE0
etag: "5a8b74fe85789f097f92ef29f0ad79e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 531

GET
H2 200 34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
56 KB 23ms
23ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d1a9e2b6833dae8729553019a14aa4bc080d95e890b7944f068cfb252b98bf1d

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3740867
edge-cache-tag: 501898018763052567145069362010418137997,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 18 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length: 56682
x-served-by: cache-dca17782-DCA, cache-dca17743-DCA, cache-fra19131-FRA
last-modified: Sat, 18 Jan 2020 05:09:10 GMT
server: cloudinary
x-timer: S1584630661.533893,VS0,VE0
etag: "5822f472d036d3589adbf1723ecc5ccd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1715

GET
H2 200 e15dfae4-b658-4d18-895b-90d8cfb8a097.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/ 19 KB
20 KB 23ms
23ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/e15dfae4-b658-4d18-895b-90d8cfb8a097.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: fa7a632c8018545d842edbd76099eaf599fe284d51a777abcf1d20ecc584d7f5

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1403911
edge-cache-tag: 519596215069384034368424873554882070701,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 08 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/e15dfae4-b658-4d18-895b-90d8cfb8a097.jpg
content-length: 19462
x-served-by: cache-dca17752-DCA, cache-dca17730-DCA, cache-fra19131-FRA
last-modified: Thu, 06 Feb 2020 10:20:52 GMT
server: cloudinary
x-timer: S1584630661.545136,VS0,VE1
etag: "6ab1875dfbe3aa2b3cb89ce87e032a1c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 dc9818e24c339b0f4c066314a7bfe71e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
21 KB 64ms
64ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc9818e24c339b0f4c066314a7bfe71e.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4134f334cb950392ce1b7708a25ea2929f1e975e9cdb90f2972ab95955c46764

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3209001
edge-cache-tag: 316376964530947663731713002560942685493,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 19 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc9818e24c339b0f4c066314a7bfe71e.jpg
content-length: 21110
x-served-by: cache-dca17733-DCA, cache-dca17782-DCA, cache-fra19131-FRA
last-modified: Sun, 19 Jan 2020 05:54:59 GMT
server: cloudinary
x-timer: S1584630661.562504,VS0,VE0
etag: "054f4d07346df298de20ee95f5643020"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 17

GET
H2 200 7f3acf3c652d50a659fa213040c35d65.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
21 KB 64ms
64ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f3acf3c652d50a659fa213040c35d65.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a4b7be8e12bf1310574df2573826de89f7d7d99b54a2bdc1a9dc3679baff8ef1

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 702622
edge-cache-tag: 541413275657508094009421339896850532288,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f3acf3c652d50a659fa213040c35d65.png
content-length: 21004
x-request-id: d094fd1eb0efa009c849ad052fc2c47a
x-served-by: cache-dca17769-DCA, cache-dca17740-DCA, cache-fra19131-FRA
last-modified: Tue, 10 Mar 2020 16:19:35 GMT
server: cloudinary
x-timer: S1584630661.600568,VS0,VE0
etag: "dc3785f843530954e00d3da19d61ed03"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 4ae6676ec17c285e2c9904ba484cc02a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 57ms
57ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ae6676ec17c285e2c9904ba484cc02a.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b611ca25d099fc6b89087e108c4c5ebfca18ffb0f76a3decabfe88ab60caf12e

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1457529
edge-cache-tag: 398004716724488655026773122955239319345,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 16 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ae6676ec17c285e2c9904ba484cc02a.jpg
content-length: 15544
x-served-by: cache-dca17771-DCA, cache-dca17743-DCA, cache-fra19131-FRA
last-modified: Fri, 14 Feb 2020 14:03:04 GMT
server: cloudinary
x-timer: S1584630661.600529,VS0,VE1
etag: "afacdac84ad5abcbc54759d29a68a9c8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 f4540eb0376aab0168c9387ce2059c49.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 35 KB
35 KB 23ms
23ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f4540eb0376aab0168c9387ce2059c49.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9baf0b7993a1275cbeeb104ea5a8665019948f89391755569ff1d91696fc4e1d

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3804301
edge-cache-tag: 503480157965941711032448973341189497829,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 25 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f4540eb0376aab0168c9387ce2059c49.jpg
content-length: 35391
x-served-by: cache-dca17777-DCA, cache-dca17777-DCA, cache-fra19131-FRA
last-modified: Sat, 25 Jan 2020 15:10:49 GMT
server: cloudinary
x-timer: S1584630661.623613,VS0,VE0
etag: "81ea68723319b5c983487c0e45fbd2b0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3, 29

GET
H2 200 Anna-Kournikova-.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.haircutsmag.com/wp-content/uploads/2019/07/ 12 KB
13 KB 24ms
24ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.haircutsmag.com/wp-content/uploads/2019/07/Anna-Kournikova-.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4eeac1c750e8d8135f3c05a8c37e6f5dd21fd2f446b669a08db1f3f0638567ed

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2819179
edge-cache-tag: 615927294659228504583676038812883150607,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 17 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.haircutsmag.com/wp-content/uploads/2019/07/Anna-Kournikova-.jpg
content-length: 12446
x-served-by: cache-dca17772-DCA, cache-dca17725-DCA, cache-fra19131-FRA
last-modified: Sat, 15 Feb 2020 23:07:41 GMT
server: cloudinary
x-timer: S1584630661.635010,VS0,VE1
etag: "a8d65f4bb7fc22d5eec0f0196d688bcf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 8b8b2ff2e987d48c063ca34a5361d012.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/ 14 KB
14 KB 26ms
26ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/8b8b2ff2e987d48c063ca34a5361d012.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1496e3ea9e6ee11969dc9729f59ec7c4ec44d82ea31742c9ee30ff1c9ce8064c

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3804674
edge-cache-tag: 604275047712431107110061106029232823248,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 10 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/8b8b2ff2e987d48c063ca34a5361d012.jpg
content-length: 14035
x-served-by: cache-dca17725-DCA, cache-dca17755-DCA, cache-fra19131-FRA
last-modified: Fri, 10 Jan 2020 11:45:14 GMT
server: cloudinary
x-timer: S1584630661.636449,VS0,VE1
etag: "e45ef429dfcc70e47e40fc29ff041698"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1029704850__n96eXJyB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 21 KB
21 KB 25ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1029704850__n96eXJyB.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 780f6a5bbe40cce5ad109b81778504b58da92592cc5e85d812065a426ded355b

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3285116
edge-cache-tag: 612499527967239858989948182741907007346,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 20 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1029704850__n96eXJyB.jpg
content-length: 21324
x-served-by: cache-dca17729-DCA, cache-dca17744-DCA, cache-fra19131-FRA
last-modified: Mon, 20 Jan 2020 14:39:44 GMT
server: cloudinary
x-timer: S1584630661.636427,VS0,VE0
etag: "983149502a702a75425534d4a7f5eec1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

GET
H2 200 493cf3cc87e7ce480ad2384788be1b23.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 26ms
26ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/493cf3cc87e7ce480ad2384788be1b23.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 137551bbf9741a71172f1dc05b17ec1f38473acb0f7d335e0be8600c6884330e

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2162576
edge-cache-tag: 382543808963186226527612956552872322010,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 09 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/493cf3cc87e7ce480ad2384788be1b23.jpg
content-length: 13195
x-served-by: cache-dca17782-DCA, cache-dca17752-DCA, cache-fra19131-FRA
last-modified: Fri, 07 Feb 2020 10:21:44 GMT
server: cloudinary
x-timer: S1584630661.648999,VS0,VE1
etag: "2d20a2cae8f85d1d9c70a12db5fab857"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 e89ab78ae09f30fc3c3daae77dad5345.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 24ms
24ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e89ab78ae09f30fc3c3daae77dad5345.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a1775b98570c7a17f738f16f00ca4db8261de616adacf11f7686cf31eb7948ae

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3367132
edge-cache-tag: 453447735698847188626690420057606771438,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e89ab78ae09f30fc3c3daae77dad5345.jpg
content-length: 14464
x-request-id: 78995bfadc216888101c2d2ee8adca11
x-served-by: cache-dca17741-DCA, cache-dca17729-DCA, cache-fra19131-FRA
last-modified: Sat, 01 Feb 2020 05:24:07 GMT
server: cloudinary
x-timer: S1584630661.648970,VS0,VE0
etag: "939f857e2385881c2625a059348dfefc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 25db6a766429af5851d0e97de21f6f64.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 24ms
24ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25db6a766429af5851d0e97de21f6f64.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 27b6c713cd431faa1981fb451caaf3b0770376a5c952f45dc3cf1ace898eb0c9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2793374
edge-cache-tag: 340299526602331409697981998413736107424,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 08 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25db6a766429af5851d0e97de21f6f64.jpg
content-length: 18467
x-served-by: cache-dca17736-DCA, cache-dca17759-DCA, cache-fra19131-FRA
last-modified: Thu, 06 Feb 2020 16:38:52 GMT
server: cloudinary
x-timer: S1584630661.659294,VS0,VE1
etag: "52a2dbbd3556a7fef3409728dd6de2e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9faca858cedf37b28e0b6141230883f6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
18 KB 25ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9faca858cedf37b28e0b6141230883f6.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b6103e79e84fcbee4ac32e0f29ed72416a9c6eb397bd6262e9b6c5b6ff5876ab

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3828070
edge-cache-tag: 480827806345574372985966542173988656927,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 11 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9faca858cedf37b28e0b6141230883f6.jpg
content-length: 18357
x-served-by: cache-dca17762-DCA, cache-dca17753-DCA, cache-fra19131-FRA
last-modified: Sat, 11 Jan 2020 06:14:17 GMT
server: cloudinary
x-timer: S1584630661.661955,VS0,VE1
etag: "1a06edc653d3411bf1a5edec5c0db93d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 luchtverfrisser_1000x600_c982b44e71e84fe85b333d8b87b165a7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 11 KB
11 KB 25ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/luchtverfrisser_1000x600_c982b44e71e84fe85b333d8b87b165a7.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2e925b8576908d8cf54dd0533d1cc23804c9ec3d518258f47244030a739accb9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1402990
edge-cache-tag: 487554873383969556082830193845576907093,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 04 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/luchtverfrisser_1000x600_c982b44e71e84fe85b333d8b87b165a7.png
content-length: 10784
x-served-by: cache-dca17764-DCA, cache-dca17767-DCA, cache-fra19131-FRA
last-modified: Sun, 02 Feb 2020 13:50:30 GMT
server: cloudinary
x-timer: S1584630661.662746,VS0,VE1
etag: "ac9860c400a10550223b49fe3cfa3033"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 5b1d8bd9b3caf8c67f71982279696ea2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
30 KB 24ms
24ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b1d8bd9b3caf8c67f71982279696ea2.jpg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e0d533062c59ff8a0279fc9429946e377862bf25b1ad920864b9a71895ecfc78

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2525747
edge-cache-tag: 505128620270879451042883464913102743069,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 19 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b1d8bd9b3caf8c67f71982279696ea2.jpg
content-length: 30381
x-served-by: cache-dca17751-DCA, cache-dca17723-DCA, cache-fra19131-FRA
last-modified: Sun, 19 Jan 2020 19:33:13 GMT
server: cloudinary
x-timer: S1584630661.673306,VS0,VE0
etag: "690785c6e72a3bd9bf10d89a09845be4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 12

GET
H2 200 18754c6fbee47caf15b6c3a6329c2f0f_1000x600_ef8667df0aad8caa0554661b54fd70cf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/e3c5e00c-8d4e-4ffb-9b76-5a7c81cdd776/ 12 KB
13 KB 25ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/e3c5e00c-8d4e-4ffb-9b76-5a7c81cdd776/18754c6fbee47caf15b6c3a6329c2f0f_1000x600_ef8667df0aad8caa0554661b54fd70cf.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8c770dc69a024371e2a9b8ce1a5fc05768e23cd0f31d114367ce26f1b8944223

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1049592
edge-cache-tag: 578180829193718809636759666536298212200,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 21 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/e3c5e00c-8d4e-4ffb-9b76-5a7c81cdd776/18754c6fbee47caf15b6c3a6329c2f0f_1000x600_ef8667df0aad8caa0554661b54fd70cf.png
content-length: 12318
x-served-by: cache-dca17742-DCA, cache-dca17783-DCA, cache-fra19131-FRA
last-modified: Wed, 19 Feb 2020 17:57:42 GMT
server: cloudinary
x-timer: S1584630661.673911,VS0,VE1
etag: "026ab49e15b933979241e63605050d36"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

POST
H2 204 bulk Show response
trc.taboola.com/nationmediagroup-dailynation/log/3/ 0
110 B 37ms
37ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nationmediagroup-dailynation/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4071-HHN
pragma: no-cache
server: nginx
x-timer: S1584630660.418312,VS0,VE17
content-type: image/gif
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F12B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Thu, 19 Mar 2020 15:11:00 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
662 B 22ms
22ms Image
image/png 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 11836
x-cache: HIT
status: 200
date: Thu, 19 Mar 2020 15:11:00 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19131-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1584630660.446425,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 73
x-cache-hits: 34673

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.0.7/ 20 KB
7 KB 26ms
23ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/1.0.7/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91e0d98bb6452fde109dcd05fba3b2a356f09473ada469d6701bd160f9c32b7b

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront), 1.1 varnish
age: 86032
x-cache: Miss from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 6559
x-served-by: cache-fra19131-FRA
last-modified: Tue, 25 Feb 2020 07:38:06 GMT
server: AmazonS3
x-timer: S1584630661.689883,VS0,VE0
etag: "08fe81f0949beff2ed1d7380ddd2990f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
x-amz-cf-id: mfHD4cHUoLcnhiUpWdZLGm5Pkw_2dHmlN3plRCZoT75n6w4busJsNg==
x-cache-hits: 9055

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ Frame D7A0 200 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1967
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55795
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a96964b23e387b31"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:38:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003031842100/ Frame D7A0 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1967
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55795
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 14:38:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a96964b23e387b31"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 14:38:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame D7A0 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43ed58a47eaa7134ec3300ded45afc01af073084130eb90beeb389da9814deec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23373
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5727
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73b8fa958135ca02"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:41:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame D7A0 92 KB
28 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaad8e5b3abc10a8518e1f8dae5ecea96dc45db3c7461113c9b5f06902e0c50a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7745
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28323
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 13:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c55fc50a3cb141e2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 13:01:55 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame D7A0 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3f9cc6b1e1cd02649447c72d77f9cef2fc81cfdea5b47a20f507eed6483a31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23337
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1392
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:42:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d4f783c5765ebbae"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:42:03 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003031842100/v0/ Frame D7A0 46 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003031842100/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad1368b0463703245ec260353fb66da9b8bef31a2468f8392c8eeea6a55cdda

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23373
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14845
x-xss-protection: 0
server: sffe
date: Thu, 19 Mar 2020 08:41:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "688737a9eb3f24de"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Mar 2021 08:41:27 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D7A0 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14522
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Mar 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D7A0 295 B
359 B 7ms
6ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 12:55:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 8139
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Mar 2020 12:55:21 GMT

GET
DATA 200
OK truncated
/ Frame D7A0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3a63d0d86867987d32dfe8cfd8dedeec69aff04e288b9c1ed1e788803f96f56

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7393497719849063447
tpc.googlesyndication.com/simgad/ Frame D7A0 27 KB
27 KB 7ms
7ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7393497719849063447

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2051f4dab3826586545173c453c1a97e15abc89ade527db934c6f2b155dd3b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 14 Mar 2020 17:41:57 GMT
x-content-type-options: nosniff
age: 422943
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27804
x-xss-protection: 0
last-modified: Sat, 02 Jan 2016 19:29:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Mar 2021 17:41:57 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D7A0 0
0 35ms
35ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLcRzhItzXtq_Eo31gAfdyrHgBYChk7NN1fTB5tACloLNhYgWEAEg4L3pH2C56L6A1AGgAb_72PMDyAED4AIAqAMByAMIqgSeAk_Q64rMFvHzW-Ljo7-Hd-cKl5r8foT6Q2sTu9HCPArntVd912s-eyy1ufeXRubyfU-Rzfuu3_IRbVdXmfSm4HlSqViQ1c0_QruBln-Kf5T8w4qptcvnHmZoUrjf4RJUHk8eNL6oeEPXXrttsAuU7WuolGSDJHXC-gbtdg7RKjBvbK1zntN6axKgGTx81sa2dBfShIjti45KISFSbM-_msdwDVpwubDE1okwn7lvhHr-5Px9rSrtA3qAU451ZqOROyqOqQi1RjIHonuzrPzNNdcq5OFRow-G7OKFn6waFApj9qKzx5GNC8ogCJ0F_A3Sq4bReakyRhSrALVHNh9pdFhqTHA53j2EsUMvyJBpsaH46IMmCl9Cd1sUM7h1lR3ABL3Q94BC4AQBkgUECAQYAZIFBAgFGASgBgOAB6mEpwyoB47OG6gH1ckbqAeT2BuoB5_bG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCYsQHSCAkIgOGAEBABGB2ACgPICwHYEww&sigh=_rHrc0bS6cc&tpd=AGWhJmvbP5IFne0im7yUrov7eTUZHYYeYsCAemk7Z4hpJLjMsQ
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D7A0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Thu, 19 Mar 2020 15:11:00 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 st
imprammp.taboola.com/ Frame BAF7 0
0 32ms
30ms Document
text/plain 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=8021617&ttype=0&cirid=A68F5DEC9121979862152915986&cicmp=1522581&cijs=1&dast=V7iF0CFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHHUEbzlgjFoe5mCyWu-VwNhksdrvVZDTcbYZTcJiy0-SyHNQCWdPk8rshDU2nw-e616v9FqfZZZc7TE-_3a7x27Uuv9zl-_w1Rddi7ZZZHq6TW_P6HF4e01voMpvcMr_lLfO7Lm-Rw_n5K5arwXI0W6tGw8VuMVpr7M6xz-VX2k0u411oepvtAAAAAPAAcES5BvEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAVBgGKYBQMGhsC6X5eKy_Fx2fwAAPASAAAAMKJAACOiHlwBEgKedAAAAAAAAAACw_P___8cA6JnFyQBc7FTeGPQAPPgAPAgBAABcDGX0UgqOPD-AExUcFjECAAAAkDKbKDya1AmVRRUAAEG6FcAVAEAA3DxWf1SW7qDEWxgAAACBWEcWCD3t0gnq2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNiMuBOA6L8JlX7BQQAWPsFBABgUzcAgDcBuJC7QNPp8Lnu9brf767z-31ml13jd_tFR9CKwWB1BrTcbGar2QEAAADc_f___-N1ZIHQ0y6doOqBxMa58u0Wg5VjthtuJqPJZrcxWVae1cxmmTkcLu-BlB1vqU84JfQ5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EbjTACRoOB4vdYLFbLIaTxWQ0WA4WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY2A1njuVq4lYZRsa1aDTxuJWjycitMg13o8HKuZpsDGvR62N6zUaOxWC0RcGAt70ILtKJ3GF6-u1ul8np8Fn-rsNb5HCanXeH6em3W8QSzckincgu-8bGufLtFoOVY7YbbiajyWa3MVlWntXMZpk5HC5_YzecOZariVtlGBnXotHE41aOJiO3yjTcjQYr52qyMaxFr4_pNRs5FoPRvrEajmabwWw22DdWw9FsM5jNBvsOg_doLW4VHpnEGa0WhzLTQeEyWLwb1eo4_kwO0rLZ6BSqvquDyuj3-_1-v9_v9_v9Bq3nYDYofNeyVPk37G7ObfZ1MCpiieB0kU5EL-PpIpZInhbpRGYaTRYuy8jhHG5ms9Vwspq5bIvFyuJw2SYzi2MilihNF-lEL3f5Pn_N0bVYu2WWh-vk1rw-h5fH9Ba6zCa3zG95y_yuy1vkcH7-iuVqsBzN1qrRcLFbjNYau3Psc_mVdpPLeBea3maL-o8NOJkrBpO5YjlXbDarBAAAAAAAAACwhDnzJgAAAACnQSxXk-VuuQAQUua7Drvo9ZKXEefFjR9zuMP09NvdLpPT4bP8XYe3yOE0O-8O09NvN_Nm1gAAAAI!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html&ved=2ahUKEwjNlarrlojoAhXSQkEAHdpdCrQQFjABegQIBxAJ&usg=AOvVaw2-ZQn8tKHYGN0kEnrT1BC3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=8021617&ttype=0&cirid=A68F5DEC9121979862152915986&cicmp=1522581&cijs=1&dast=V7iF0CFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHHUEbzlgjFoe5mCyWu-VwNhksdrvVZDTcbYZTcJiy0-SyHNQCWdPk8rshDU2nw-e616v9FqfZZZc7TE-_3a7x27Uuv9zl-_w1Rddi7ZZZHq6TW_P6HF4e01voMpvcMr_lLfO7Lm-Rw_n5K5arwXI0W6tGw8VuMVpr7M6xz-VX2k0u411oepvtAAAAAPAAcES5BvEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAVBgGKYBQMGhsC6X5eKy_Fx2fwAAPASAAAAMKJAACOiHlwBEgKedAAAAAAAAAACw_P___8cA6JnFyQBc7FTeGPQAPPgAPAgBAABcDGX0UgqOPD-AExUcFjECAAAAkDKbKDya1AmVRRUAAEG6FcAVAEAA3DxWf1SW7qDEWxgAAACBWEcWCD3t0gnq2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNiMuBOA6L8JlX7BQQAWPsFBABgUzcAgDcBuJC7QNPp8Lnu9brf767z-31ml13jd_tFR9CKwWB1BrTcbGar2QEAAADc_f___-N1ZIHQ0y6doOqBxMa58u0Wg5VjthtuJqPJZrcxWVae1cxmmTkcLu-BlB1vqU84JfQ5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EbjTACRoOB4vdYLFbLIaTxWQ0WA4WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOESY2A1njuVq4lYZRsa1aDTxuJWjycitMg13o8HKuZpsDGvR62N6zUaOxWC0RcGAt70ILtKJ3GF6-u1ul8np8Fn-rsNb5HCanXeH6em3W8QSzckincgu-8bGufLtFoOVY7YbbiajyWa3MVlWntXMZpk5HC5_YzecOZariVtlGBnXotHE41aOJiO3yjTcjQYr52qyMaxFr4_pNRs5FoPRvrEajmabwWw22DdWw9FsM5jNBvsOg_doLW4VHpnEGa0WhzLTQeEyWLwb1eo4_kwO0rLZ6BSqvquDyuj3-_1-v9_v9_v9Bq3nYDYofNeyVPk37G7ObfZ1MCpiieB0kU5EL-PpIpZInhbpRGYaTRYuy8jhHG5ms9Vwspq5bIvFyuJw2SYzi2MilihNF-lEL3f5Pn_N0bVYu2WWh-vk1rw-h5fH9Ba6zCa3zG95y_yuy1vkcH7-iuVqsBzN1qrRcLFbjNYau3Psc_mVdpPLeBea3maL-o8NOJkrBpO5YjlXbDarBAAAAAAAAACwhDnzJgAAAACnQSxXk-VuuQAQUua7Drvo9ZKXEefFjR9zuMP09NvdLpPT4bP8XYe3yOE0O-8O09NvN_Nm1gAAAAI!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Response headers

status: 200
server: nginx
accept-ranges: bytes
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
x-served-by: cache-hhn4079-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1584630661.724714,VS0,VE10
content-length: 0

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/27_4_17/infra/ 649 KB
148 KB 23ms
22ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_4_17/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/1.0.7/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a33faf3ffd9fe9fdfba863f09c3178fed798bc74dace59827d9e3fe2f20f1c1

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront), 1.1 varnish
age: 176765
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1584453451
status: 200
x-amz-meta-mode: 33188
x-cache-hits: 71035
content-encoding: gzip
content-length: 150838
x-served-by: cache-fra19131-FRA
last-modified: Tue, 17 Mar 2020 13:57:33 GMT
server: AmazonS3
x-timer: S1584630661.724719,VS0,VE0
etag: "ad0db7546ef17c9664e056549468a27b"
x-amz-meta-uid: 0
vary: Accept-Encoding
x-amz-meta-gid: 0
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ty79Du4H9oC_7wM0nHPvsEEuutaSLgVkrVyTItUlS1di25sHGX38jA==
x-amz-meta-mtime: 1584453393

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/27_4_17/assets/css/ 35 KB
7 KB 28ms
27ms Stylesheet
text/css 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_4_17/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/1.0.7/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 099ae698b2292d7ec4a45c32230ac80d194d9d8cebebd634f38a2e132535d209

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront), 1.1 varnish
age: 176765
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1584453405
status: 200
x-amz-meta-mode: 33188
x-cache-hits: 634186
content-encoding: gzip
content-length: 6391
x-served-by: cache-fra19131-FRA
last-modified: Tue, 17 Mar 2020 13:56:47 GMT
server: AmazonS3
x-timer: S1584630661.724745,VS0,VE0
etag: "76bd13a8460ed90f741d58a4422b501d"
x-amz-meta-uid: 0
vary: Accept-Encoding
x-amz-meta-gid: 0
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: 0MA11pZbRrAyviD0mgAM_nFBebBSuzt-sdX1uoVTj2vNdckq-w3-4A==
x-amz-meta-mtime: 1584453391

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.0.6/ 48 KB
16 KB 23ms
23ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.0.6/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_4_17/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 053d3ecbbbb74ebb4a3dbce3c42ab442f7fa281c5a5f4227cab1f293417bd6f1

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront), 1.1 varnish
age: 695232
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 15601
x-served-by: cache-fra19131-FRA
last-modified: Wed, 11 Mar 2020 13:22:13 GMT
server: AmazonS3
x-timer: S1584630661.808354,VS0,VE0
etag: "d7833e96b8c7d00a570e80e317c054d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: X6mFl3KHA4zLgwQGA_9_tqzWI4wBQObI6GyYi1wksVdeAznPxqV-hg==
x-cache-hits: 476062

GET
H2 200 7393497719849063447
tpc.googlesyndication.com/simgad/ Frame D7A0 27 KB
27 KB 6ms
5ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7393497719849063447

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2051f4dab3826586545173c453c1a97e15abc89ade527db934c6f2b155dd3b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 14 Mar 2020 17:41:57 GMT
x-content-type-options: nosniff
age: 422943
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27804
x-xss-protection: 0
last-modified: Sat, 02 Jan 2016 19:29:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Mar 2021 17:41:57 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D7A0 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 14522
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 20 Mar 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D7A0 295 B
360 B 7ms
6ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 12:55:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 8139
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 20 Mar 2020 12:55:21 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 73ms
73ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_4_17/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront), 1.1 varnish
age: 615823
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 7638
x-served-by: cache-fra19131-FRA
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1584630661.914418,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50
accept-ranges: bytes
x-amz-cf-id: Vs4TubaGEnCgigh3kN5-OJytJd-a8QzTxQCNFZg0hh5KVFK_O_tI7g==
x-cache-hits: 448271

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v11.1.1/ 546 KB
140 KB 61ms
61ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v11.1.1/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_4_17/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a182e98bf3c194d73e35ce76e41f60b56dc0a8dbedc98034795eeaa3e10c1dc1

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront), 1.1 varnish
age: 104852
x-cache: Miss from cloudfront, HIT
status: 200
x-amz-meta-mode: 33188
x-cache-hits: 625696
content-encoding: gzip
content-length: 143393
x-served-by: cache-fra19131-FRA
last-modified: Wed, 18 Mar 2020 09:15:15 GMT
server: AmazonS3
x-timer: S1584630661.914387,VS0,VE0
etag: "d7e708363ccac56fdfe5ed9a4bdbd795"
x-amz-meta-uid: 0
vary: Accept-Encoding
x-amz-meta-gid: 0
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lt0IRTCp9zLmDMaqFoktxlj9DcSSbN5MJVBN2r2FVaXVRq3PwR-Y3g==
x-amz-meta-mtime: 1584522913

GET
H2 200 sync
match.taboola.com/ Frame BCD7 0
0 33ms
32ms Document
text/html 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sync?dast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&excid=22&docw=0&cijs=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_4_17/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sync?dast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&excid=22&docw=0&cijs=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=178f195b-e0d8-44bc-942d-e48740e952c0-tuct56d1104
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Response headers

status: 200
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 3401
accept-ranges: bytes
date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
x-served-by: cache-fra19176-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1584630661.904323,VS0,VE10

GET
H2 200 st
convammp.taboola.com/ 0
52 B 33ms
31ms Image
text/plain 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8021617&crid=4691051&dast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&cmcv=&pix=31589837&cb=1584630660864&uv=27417&tms=1584630660864&abt=afc9_vF!expl_vA!stp1_vA!t45&ru=https%3A%2F%2Fwww.google.com%2F&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1584630658810.194!ts:1584630660863&
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.904800,VS0,VE9
x-served-by: cache-fra19176-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 st
convammp.taboola.com/ 0
52 B 33ms
31ms Image
text/plain 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=8021617&crid=4691051&dast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&cmcv=&pix=31579697&cb=1584630660879&uv=27417&tms=1584630660879&abt=afc9_vF!expl_vA!stp1_vA!t45&ru=https%3A%2F%2Fwww.google.com%2F&ft=0&unm=SLIDER_INSTREAM
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584630661.904304,VS0,VE9
x-served-by: cache-fra19176-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 44ms
43ms Image
image/png 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 e77255787d333d7481d3de3a89fb3ee2.cloudfront.net (CloudFront), 1.1 varnish
age: 681060
x-cache: Hit from cloudfront, HIT
status: 200
x-amz-meta-mode: 33188
x-cache-hits: 74981
content-length: 24300
x-served-by: cache-fra19131-FRA
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1584630661.914396,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
x-amz-meta-gid: 0
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: wsuqsnAcZhnKc3xWJJxh5ueq-D_5VpvJZ24V1SCvh9rWxkRacqGsJw==
x-amz-meta-mtime: 1498646328

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
927 B 44ms
43ms Image
image/svg+xml 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 c5ad7defce0694621f07129d852e42da.cloudfront.net (CloudFront), 1.1 varnish
age: 681063
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 701
x-served-by: cache-fra19131-FRA
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1584630661.914369,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: xfVH_uCcs8vv32OAYVzP2H7rV0t-aZdNYOB1CdMcmcCLxo2pw4amLA==
x-cache-hits: 71378

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 44ms
43ms Image
image/svg+xml 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 89934ce37ea0d70a19ace48a847ae306.cloudfront.net (CloudFront), 1.1 varnish
vary: Accept-Encoding
age: 681063
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 709
x-served-by: cache-fra19131-FRA
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1584630661.914364,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: 0LXFZXzIGp0T1Ckl_MSj5UuxlGR3UQavwu7Xk_fE9KeHFAGa04vVHA==
x-cache-hits: 68806

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
895 B 44ms
43ms Image
image/svg+xml 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront), 1.1 varnish
age: 723843
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 634
x-served-by: cache-fra19131-FRA
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1584630661.914332,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: UjboL6EBEF138bshUUinNuKzcg1LP0lpc96QZKnVTteByHcQBbj8ZA==
x-cache-hits: 68825

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
933 B 26ms
26ms Image
image/svg+xml 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 15:11:00 GMT
via: 1.1 df874ca0e51df630ccc49eab9f1f7fb3.cloudfront.net (CloudFront), 1.1 varnish
age: 681061
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 660
x-served-by: cache-fra19131-FRA
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1584630661.949049,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: nY31xsarGXymhNgAYAqVz0gJVVEnzqMXCX_IeVmMejcPd4siHd0x5Q==
x-cache-hits: 69047

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 42ms
42ms Image
image/svg+xml 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
age: 64
x-cache: HIT
status: 200
date: Thu, 19 Mar 2020 15:11:00 GMT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: kbgjkKpG3KFQDGQImgwZodPfQKBjg1lUEmfnPpdcN31451H2qXs6ym1N3YfW/IX2vo846g9fmHk=
x-served-by: cache-fra19131-FRA
access-control-allow-origin: *
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1584630661.914254,VS0,VE0
etag: "11d8569a7da0739259e3ac0b0d666e94"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 5D2EF20CD9B64C6E
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 73
x-cache-hits: 69

GET
BLOB 206
Partial Content fac048ca-69c0-43f8-be34-4b3e0c54d901
https://mobile.nation.co.ke/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mobile.nation.co.ke/fac048ca-69c0-43f8-be34-4b3e0c54d901
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Sec-Fetch-Dest: video
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 23f0bdd8-d6f6-4e13-b595-9b03540ad709
https://mobile.nation.co.ke/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mobile.nation.co.ke/23f0bdd8-d6f6-4e13-b595-9b03540ad709
Requested by: Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Sec-Fetch-Dest: video
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
1 KB 395ms
393ms XHR
application/json 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=4691051&noaop=2&sortOrderType=0&cb=1584630660982&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1111&pt=-723925304&tz=60&viewable=true&ddast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&dtagid=1171561&dpubid=195297&abtst=afc9_vF!expl_vA!stp1_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fmobile.nation.co.ke&en=1&cdb=&gdprApplies=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v11.1.1/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 389cf7572291959b605d375b544daecf2128efcd0ee28c63cdd354faab9b70b6

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 19 Mar 2020 15:11:01 GMT
via: 1.1 varnish
machineid: 1423
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 1288
x-served-by: cache-fra19176-FRA
pragma: no-cache
server: nginx
x-timer: S1584630661.994115,VS0,VE370
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 76F6 42 B
110 B 36ms
35ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPuJnBigtUBDKU_pQKpV5_KeAr1Pr1CdRYQeevsVbdp6gezcxW3eQtSOXJqS9mBqaj2vlIRVRGun9hTbRIOH1-KPxBd9lrbP4hDCRNPamXp02H_ptUMhw0O3baJQ&sai=AMfl-YQKpvJpVK1CyjNmD9d-s-b8j3CRHqwAJdDiR_7yxZTyac224K2c-prCO0DAHcNcpwZap3fKDqeN2F8zMGq9h_IHL0S5aqB-DzKJCk0Hfg&sig=Cg0ArKJSzLFE-qnLP2EwEAE&id=ampim&o=643,98&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=126&tls=1126&g=100&h=100&tt=1127&r=v&adk=427714100&avms=ampa

Requested by

Host: mobile.nation.co.ke
URL: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:11:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 32ms
17ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200316&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9065b1224d1c68e5278bb19699494717db66fd50c609d2e18b55a579e38339a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Mar 2020 15:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5184
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 15:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 19 Mar 2020 15:11:03 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 336E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 19 Mar 2020 14:27:58 GMT
expires: Fri, 19 Mar 2021 14:27:58 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2585
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
236 B 15ms
14ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200316&jk=1757419936386997&bg=!cHOlc2tYtluJve15WcECAAAAOlIAAAAJmQFfW7MNAxa-yljcM0fONIjOXUQNvhj-HP9Rw5OHG7YC1DCtYOmViaKpgPADkuEFnd11yOfTcx6s_L5107tsyGhmeqSnhO7rLuUqxRZfdCPfMFlVgER-JQygoAGz1L2g3-rn9q__O47a-TWnfH80GC4i7gvrEmPXdW9JCVl7ci2IzAateSBksICY3g5Fa3jF3QAyOthSOcm8z8Nq9viqmygpjs8j9DtfA1CgjErC0oYLJmyPPlLLGeT1WLAwVprwm7m_bLW-9KXGpNZ2eFyImT6-6ME_1TRIIAlhABxNdlCT_UNvmZQ9IFEvZsH06cRbN85NtCXYgLZRI4Zk0zQDoCkdsh_jwSWS9wzlcxtZCWluj0ZY7bkKzjF-U1xJMamX596ulZsFQhJtCudz-okIvI19X8_Fe9nqUQmtYDGGFvj0OsfxGDPYcE68Cf8BrfpVHd1Eze4xdlOeurO84xzTZ7WL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 19 Mar 2020 15:11:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content a
ingestion.contentinsights.com/ 0
115 B 322ms
106ms Image
text/plain 52.5.9.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/a?d=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&f=1714&pid=5481714&b=https%3A%2F%2Fwww.google.com%2F&u=1584630659862.583331126.5458343&ul=1584630659862.692355810.3833855&at=6&ar=6&sp=55&ts=1584630665&seq=1&x=0.7419239997500682&err=&ver=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.9.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-9-65.compute-1.amazonaws.com
Software: akka-http/10.0.11 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Connection: keep-alive
Date: Thu, 19 Mar 2020 15:11:05 GMT
Server: akka-http/10.0.11

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
2 KB 1278ms
232ms XHR
application/json 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=4691051&noaop=2&sortOrderType=0&cb=1584630666185&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1111&pt=-723925304&tz=60&viewable=true&ddast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&dtagid=1171561&dpubid=195297&abtst=afc9_vF!expl_vA!stp1_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fmobile.nation.co.ke&en=1&cdb=&gdprApplies=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v11.1.1/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55b28f07ae6bfc098c86cfbe0354f328286cb2fb3f97392bce3647ef1a4792d9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 19 Mar 2020 15:11:07 GMT
via: 1.1 varnish
machineid: 1443
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 1288
x-served-by: cache-hhn4067-HHN
pragma: no-cache
server: nginx
x-timer: S1584630667.237838,VS0,VE212
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content p
ingestion.contentinsights.com/ 0
115 B 104ms
104ms Image
text/plain 52.5.9.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/p?a=JOSEPH%20WANGUI&b=https%3A%2F%2Fwww.google.com%2F&c=Sh51m%20fraud%20suspect%20held%20for%20four%20days&d=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&e=News&f=1714&g=2020-03-07%2016%3A10%3A00&h=fraud%20suspect%2C%20JKIA%2C%20Jomo%20Kenyatta%20International%20Airport%2C%20forex%20consultant%2C%20Emmanuel%20Mulinge%20Maundu%2C%20Nancy%20Nanzushi&i=&j=&k=&l=&m=&pid=5481714&u=1584630659862.583331126.5458343&ul=1584630659862.692355810.3833855&x=0.7419239997500682&wc=246&t=1&err=&ver=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.9.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-9-65.compute-1.amazonaws.com
Software: akka-http/10.0.11 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Connection: keep-alive
Date: Thu, 19 Mar 2020 15:11:09 GMT
Server: akka-http/10.0.11

GET
H/1.1 204
No Content a
ingestion.contentinsights.com/ 0
115 B 105ms
104ms Image
text/plain 52.5.9.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/a?d=https%3A%2F%2Fmobile.nation.co.ke%2Fnews%2FSh51m-fraud-suspect-held-for-four-days%2F1950946-5481714-cn9lge%2Findex.html&f=1714&pid=5481714&b=https%3A%2F%2Fwww.google.com%2F&u=1584630659862.583331126.5458343&ul=1584630659862.692355810.3833855&at=9&ar=3&sp=55&ts=1584630670&seq=2&x=0.7419239997500682&err=&ver=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.9.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-9-65.compute-1.amazonaws.com
Software: akka-http/10.0.11 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Connection: keep-alive
Date: Thu, 19 Mar 2020 15:11:10 GMT
Server: akka-http/10.0.11

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
1 KB 112ms
112ms XHR
application/json 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=4691051&noaop=2&sortOrderType=0&cb=1584630671186&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1111&pt=-723925304&tz=60&viewable=true&ddast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&dtagid=1171561&dpubid=195297&abtst=afc9_vF!expl_vA!stp1_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fmobile.nation.co.ke&en=1&cdb=&gdprApplies=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v11.1.1/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55b28f07ae6bfc098c86cfbe0354f328286cb2fb3f97392bce3647ef1a4792d9

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 19 Mar 2020 15:11:11 GMT
via: 1.1 varnish
machineid: 1442
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 1288
x-served-by: cache-hhn4067-HHN
pragma: no-cache
server: nginx
x-timer: S1584630671.193614,VS0,VE92
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 312ms
103ms Image
image/gif 52.20.123.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nation.co.ke&p=%2F5481714&u=7qmVVDrkQR1CzdajG&d=mobile.nation.co.ke&g=63208&g0=news&g1=JOSEPH%20WANGUI&n=1&f=00001&c=0.25&x=1&m=1&y=5380&o=1585&w=1200&j=30&R=1&W=0&I=0&E=8&e=8&r=https%3A%2F%2Fwww.google.com%2F&b=1072&t=DvH7Y4C-OnHErG_2LCnc2KumMYx0&V=118&tz=-60&sn=2&sv=DDZ-03DFdxNvD47q_aCuEuXLUoL5u&sr=https%3A%2F%2Fwww.google.com%2F&sd=1&im=06030ffa&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.123.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-123-7.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Thu, 19 Mar 2020 15:11:15 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
2 KB 275ms
275ms XHR
application/json 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=4691051&noaop=2&sortOrderType=0&cb=1584630676188&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1111&pt=-723925304&tz=60&viewable=true&ddast=V7_bQCFgMLAL6wcFLNRwQLAL6wcFLNRwUAAAAGBjsHG0EbzlgjFoe5mCyWu-VwNlmsJsvFajmcDaEjaMMZa8TiMBeTxXK3HM4mg8Vut5qMhrvNcAoOU3aaXJaDWiBrmlx-N6Sh6XT4XPd6td_iNLvscofp6bfbNX671uWXu3yfv6boWqzdMsvDdXJrXp_Dy2N6C11mk1vmt7xlftflLXI4P3_FcjVYjmZr1Wi42C1Ga43dOfa5_Eq7yWW8C01vsx0AAAAAHgCOKNcgfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAACgzDNAAoOBTW5bJcXJafy-4PAICHABAAgAEFEgAB_fASgAjwtBMAAAAAAAAAAJb_____GAA9szgZgIudyh6ABx-AB6KCwyJGAAAAAFJmE4VHkzqhsqgCACBItwK4AgAIgJvH6o8KAwAAIBDryAKhp106QR1boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkwG3GlAlN-kar-AAABrv4AAAGzqBgDwJgAXchdoOh0-171e9_vddX6_z-yya_xuv-gIWjEYrM6AlpvNbDU7AAAAgLv___9_vI4sEHrapRNUPZDYOFe-3WKwcsx2w81kNNnsNibLyrOa2Swzh8PlPZCy4y31CaeEPocpO00uy0EtkDVNLr_9JmwxWk0mm-VwtlxMBsPRcDTan8CNBjhBw-FgsRssdovFcLKYjAbLwQIFYjDBCRmONpPVaLfaTZbDyWg020w2SNGq1Wy0GQxXs8lst1sNB8PlaIQUrVnMJpPFbLTcbQbLyWgwnAyHCBO74cyxXE3cKsPIuBaNJh63cjQZuVWm4W40WDlXk41hLXp9TK_ZyLEYjLYoGPC2F8FFOpE7TE-_3e0yOR0-y991eIscTrPz7jA9_XaLWKI5WaQT2WXf2DhXvt1isHLMdsPNZDTZ7DYmy8qzmtksM4fD5W_shjPHcjVxqwwj41o0mnjcytFk5FaZhrvRYOVcTTaGtej1Mb1mI8diMNo3VsPRbDOYzQb7xmo4mm0Gs9lg32HwHq3FrcIjkzij1eJQZjooXAaLd6NaHcefyUFaNhudQtV3dVAZ_X6_3-_3-_1-v9-g9RzMBoXvWpYq_4bdzbnNvg5GRSwRnC7SiehlPF3EEsnTIp3ITKPJwmUZOZzDzWy2Gk5WM5dtsVhZHC7bZGZxTMQSpekinejlLt_nrzm6Fmu3zPJwndya1-fw8pjeQpfZ5Jb5LW-Z33V5ixzOz1-xXA2Wo9laNRoudovRWmN3jn0uv9JuchnvQtPbbFH_sQEnc8VgMlcs54rNZpUAAAAAAAAAAJYwZ94EAAAA4DSI5Wqy3C0XAELKfNdhF71e8jLivLjxYw53mJ5-u9tlcjp8lr_r8BY5nGbn3WF6-u1mDg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&dtagid=1171561&dpubid=195297&abtst=afc9_vF!expl_vA!stp1_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fmobile.nation.co.ke&en=1&cdb=&gdprApplies=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v11.1.1/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 037360060d7dab2c9aae6a2728c0101d0144c75b75ad0e943270d175eb1d708c

Request headers

Referer: https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
Origin: https://mobile.nation.co.ke
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 19 Mar 2020 15:11:16 GMT
via: 1.1 varnish
machineid: 1420
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 1360
x-served-by: cache-hhn4067-HHN
pragma: no-cache
server: nginx
x-timer: S1584630676.198152,VS0,VE252
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mobile.nation.co.ke
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

314 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-19 16:57:33	Name: suid_legacy Value: 1B5157260F8D45FDB1B20CCA2614CD82
.simpli.fi/	1970-01-19 16:57:33	Name: suid Value: 1B5157260F8D45FDB1B20CCA2614CD82
.pubmatic.com/	1970-01-19 08:53:42	Name: KRTBCOOKIE_1051 Value: 22884-18072662248539745618
.pubmatic.com/	1970-01-19 08:53:42	Name: KRTBCOOKIE_409 Value: 22966-CaUR1N8L9GsumvnobFekUfjP
.pubmatic.com/	1970-01-19 10:20:06	Name: KRTBCOOKIE_594 Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/	1970-01-19 10:20:06	Name: KRTBCOOKIE_80 Value: 16514-CAESEMqCX4NkexB8uVW37xJpzGY&KRTB&22987-CAESEMqCX4NkexB8uVW37xJpzGY&KRTB&22995-CAESEMqCX4NkexB8uVW37xJpzGY&KRTB&23025-CAESEMqCX4NkexB8uVW37xJpzGY
.pubmatic.com/	1970-01-19 08:53:42	Name: KRTBCOOKIE_699 Value: 22727-AAKiL0685xcAABbic4ehkA&KRTB&22744-AAKiL0685xcAABbic4ehkA
.pubmatic.com/	1970-01-19 10:20:06	Name: KRTBCOOKIE_153 Value: 19420-IP_hLi347is4r-Atdq_7KyyosCk4rbIoc67hOhr8&KRTB&22979-IP_hLi347is4r-Atdq_7KyyosCk4rbIoc67hOhr8
.pubmatic.com/	1970-01-19 08:53:42	Name: KRTBCOOKIE_336 Value: 5844-4442368176423477775
.pubmatic.com/	1970-01-19 08:53:42	Name: KRTBCOOKIE_22 Value: 14911-3755908247248488398&KRTB&23150-3755908247248488398
.pubmatic.com/	1970-01-19 10:20:06	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 12:29:42	Name: KRTBCOOKIE_188 Value: 3189-no-consent&KRTB&22716-no-consent
.pubmatic.com/	1970-01-19 08:53:42	Name: PugT Value: 1584630662

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mobile.nation.co.ke/code/view/DailyNationMobile/-/1953860/-/oflr8wz/-/main-ck.js(Line 2) Message: false
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003031842100 https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003031842100 https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012003031842100/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003031842100 https://mobile.nation.co.ke/news/Sh51m-fraud-suspect-held-for-four-days/1950946-5481714-cn9lge/index.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
173jkou.mkcltwzhu.com
adservice.google.de
ams.creativecdn.com
apis.google.com
bc.marfeelcache.com
bh.contextweb.com
bttrack.com
c1.adform.net
cdn.ampproject.org
cdn.nation.co.ke
cdn.onesignal.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
convammp.taboola.com
creativecdn.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
ggblmmkf.uuxnwoevyb.com
googleads.g.doubleclick.net
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
img.youtube.com
imprammp.taboola.com
ingestion.contentinsights.com
mab.chartbeat.com
match.adsrvr.org
match.taboola.com
match.zorosrv.com
mobile.nation.co.ke
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.rubiconproject.com
px.powerlinks.com
rtb.mfadsrvr.com
s.ytimg.com
sb.scorecardresearch.com
secure.widget.cloud.opta.net
securepubads.g.doubleclick.net
server.exposebox.com
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.nation.co.ke
www.storygize.net
www.youtube.com
x.bidswitch.net
104.17.66.240
104.17.67.240
104.74.100.205
141.226.224.32
143.204.202.82
151.101.113.44
151.101.114.49
151.101.14.2
151.101.14.207
151.101.14.49
172.217.16.194
172.217.23.130
18.194.83.84
185.184.8.30
185.29.132.23
185.33.223.208
192.132.33.46
23.37.42.13
2600:9000:2057:7400:18:1fcd:349:ca21
2606:4700::6811:4004
2606:4700::6812:e234
2a00:1450:4001:800::2008
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:817::200e
2a00:1450:4001:818::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:820::2003
2a00:1450:4001:821::2001
2a00:1450:4001:821::200e
2a00:1450:4001:825::2006
2a00:1450:400c:c06::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:1b::714
35.201.85.158
37.157.6.242
40.113.136.100
52.20.123.7
52.202.215.150
52.208.216.178
52.3.43.12
52.34.54.104
52.5.9.65
52.57.242.37
69.173.144.165
74.214.194.139
95.101.184.183
99.86.3.128
99.86.3.20
99.86.3.43
019c0b2e6985977e453cedf5d8da74d65ccfd87b304184160d92402fa91967d7
01baa205334355716be8e2b3d4f49a45ab52caabf08f42d7fdc7e888a0630a58
0300a3520992d8a0cf09c53931d878241d30e517e2ae34ee2d8abfa4ad99d600
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
037360060d7dab2c9aae6a2728c0101d0144c75b75ad0e943270d175eb1d708c
053d3ecbbbb74ebb4a3dbce3c42ab442f7fa281c5a5f4227cab1f293417bd6f1
0591e3f9728b4cb8b2c874eaf0cd1fd6f720713aac4e3cfcb3c12d9ce8a8afac
07470d619f47967ccebfd3e54b4ced0578e12a538b37fb988f900351e11dd996
08488d175ed222ebe005013e57c4394f1cd0aaf4cb7261c697bbd24be7a1d2ba
09676704908b85448b5906149e906b4190d9d7797cf254f6919e80f44e2841c3
099ae698b2292d7ec4a45c32230ac80d194d9d8cebebd634f38a2e132535d209
0a33faf3ffd9fe9fdfba863f09c3178fed798bc74dace59827d9e3fe2f20f1c1
10cb3aada47cb64eb8ebb1dc871492eb66144a651950362ba48133c9e30aa2d3
137551bbf9741a71172f1dc05b17ec1f38473acb0f7d335e0be8600c6884330e
1496e3ea9e6ee11969dc9729f59ec7c4ec44d82ea31742c9ee30ff1c9ce8064c
17185d93d2baa504d2f5f78f06d6a757706e428cf406677694042c78f99d5080
180d0b4abb228f7a8a1c979259041539d5af9db809a6fc02338feb2ceee96634
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
2051f4dab3826586545173c453c1a97e15abc89ade527db934c6f2b155dd3b91
226a0c5448f56368d1462dd49dcebd7e85db7612ddf5eea8b8e6e67ecc9e6528
24b45790f58b5d8c376ea8320617b5defa1c88576b7b8df5abf1337a758adba3
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
27b6c713cd431faa1981fb451caaf3b0770376a5c952f45dc3cf1ace898eb0c9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c57df0e9a0cfb1879ad4fd437a7eaeb4f38f3c75182f57d8fd30ea5913dbdf6
2d45c0afeb325894b1cf367233191e5acd290f2e6b80653e1973cc5136cc0161
2e925b8576908d8cf54dd0533d1cc23804c9ec3d518258f47244030a739accb9
2ed76d451cc988d65d654c965f341a4bd2c5e77dc99c29a5e857127c1b667de0
3042ba73f3735ab2c8aa60b662ea4b48a1904757b9c1a288eeac6135b64c8c05
31b6eef74cc73bf8db37834bbd5b263be39fca4bcaaec809d771706255d1af75
33f22ed72d2e0cdf91fc3d4a2d9dd855b45fab17d4944cba7625afecf266c4b2
3490a64b6379a5d8ab10b48bda447b0f2b9860255424c5454aa8c9e4015702bf
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
389cf7572291959b605d375b544daecf2128efcd0ee28c63cdd354faab9b70b6
3c213e54ed5990ecc5d592c87772b0124d02d08e5ff94aefd661a0452d9bc9f6
3edc0759c8e33699ce92932d613a71bb1740dba8a16b2e741dc6800830ab85c9
4134f334cb950392ce1b7708a25ea2929f1e975e9cdb90f2972ab95955c46764
42025e5c6d8d9e0ddaa60745b330caac9195020523a46a408ccbd4e56caba5a7
4292f66200717843a68e3104a380ad5d567fb9f6125d8987309c291d44fb1246
43ed58a47eaa7134ec3300ded45afc01af073084130eb90beeb389da9814deec
45bcc9239480ef508d3c8f3c760c86a03b6924a675874d39d1da825010501a07
4b39d8fb0047eb0eb2faaa07123395819a4dd20c384ba524f5609ea956ef0e90
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4eeac1c750e8d8135f3c05a8c37e6f5dd21fd2f446b669a08db1f3f0638567ed
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
50289747be14a95dea55f5ee1041c07f727770a649915f942522590c0b3801b2
53b17c99805a4cd15e7b3d461cee839b6055f6d7efa6af2f4e98b11d35316078
55b28f07ae6bfc098c86cfbe0354f328286cb2fb3f97392bce3647ef1a4792d9
597e42459d62b5943d6ce4e5e4d024fff06f8d5e8fa56719712c1e6f6406e343
5a1c8ab9c65a636c6e0904ed796ee77ab8a7b60f236380c5b7f3edc2d3be90d8
5daa8e00106b85bb3de8e5b2bf545b16cee20944364f932ad39d0082b22a579f
5ff06695bdf7e7103442633bedc3739b76f3f62662eac7b9babc35c949a59567
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
667b8f4d0d6015504f4020d4cfacfccc4428f17cb964a307a0c4f8e28d6b8bd4
68acb1dbd74cdd7d263b1d894077e1a737c18a1d546f7bbb8290cc6e369e1bd6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3f9cc6b1e1cd02649447c72d77f9cef2fc81cfdea5b47a20f507eed6483a31
6c99c67f38936aa713e02df2807197d86efa84308a039e8baf88becf13befad8
77a82730d99d5dda98abbdc95b9690b404ca8de98102c61327b2b51b9bf85cce
780f6a5bbe40cce5ad109b81778504b58da92592cc5e85d812065a426ded355b
78731e752ca514752d27614d58f4d9fe3df34143dd798c696ec5aa286fb854c0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac68802a814bb1744631cbe7d7b870fbc4e25d3dfdd5f45a2a5e55129c76940
7e422300babfa91eaebf514d0fcf73a3e51b2a1555830af6cca17af49de1e1b8
7e8d9c99d5e2afc76174003ba659d8500f09e456726685a587692f0555867ed8
7fa58b512176de3de4ee84324c9cb545d4ee79937b6a3518af6ed1a5e61378db
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
839fa90e03844e95c5cac475847360023989e76c9ef8cb7cfea245649e7aa957
87926448eb83895e5962f8158621bfb3b8b047ea935061de6c1dd1f07c51cc18
891a417982f3fcf9102a58972130e6f88ccdc4e87006099e5c5ed23d21b82984
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad1368b0463703245ec260353fb66da9b8bef31a2468f8392c8eeea6a55cdda
8b50cd1534d3cdf09e7a31cf6c24ca53bad47a1315b70e477e3c6c39c91a4673
8c770dc69a024371e2a9b8ce1a5fc05768e23cd0f31d114367ce26f1b8944223
8cfc39272a023901fd6f42f08ab9ec4750a7aab69522ef9ad6819c6f5814373b
8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55
8f889d5ad350e9a16462fc1d7b0d6ca7855fef2924b4a30d873465df6100a871
8fe81a21afa207aab9dd07c16c1e5fa88e3e96121adb1f7bd372a9178023274c
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9065b1224d1c68e5278bb19699494717db66fd50c609d2e18b55a579e38339a1
91772941c245b12f8fcb8447413a0d7ceb9864bf67147894775ea9062c59f82a
91e0d98bb6452fde109dcd05fba3b2a356f09473ada469d6701bd160f9c32b7b
92a3a79c64f777aa63d0d7ffe31e49c3fb9c15b207257071f482533864d0b43a
97bacb09dd91b77761a3a5e7dabf4a3344cfeced24609a1bbc114fb1f195ca51
9baf0b7993a1275cbeeb104ea5a8665019948f89391755569ff1d91696fc4e1d
9dfe7a51c0697fb1f38a97f0069ed2a3837f1c8dae1cc0ef1b1a8b2f37dc94d7
9fdde15f2b553982d2c529ca9919e67bd48f116d669c7abe2cbbca51250848a9
a1775b98570c7a17f738f16f00ca4db8261de616adacf11f7686cf31eb7948ae
a182e98bf3c194d73e35ce76e41f60b56dc0a8dbedc98034795eeaa3e10c1dc1
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8
a3a63d0d86867987d32dfe8cfd8dedeec69aff04e288b9c1ed1e788803f96f56
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4b7be8e12bf1310574df2573826de89f7d7d99b54a2bdc1a9dc3679baff8ef1
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
b6103e79e84fcbee4ac32e0f29ed72416a9c6eb397bd6262e9b6c5b6ff5876ab
b611ca25d099fc6b89087e108c4c5ebfca18ffb0f76a3decabfe88ab60caf12e
b6513766c0974fcef7b28cd5adceb151659a74a329197f96ce33b53f8bfbec14
b8b8617d3f8833b414dd18b2e2a04a314e3c55fc8d6285e9c7620d95a3b58ce9
b8ffc0a76bb58e58b2c425cec853638569574c95fa68587c549ac5250e341d66
b92bc35384a190df4963836d1a16f0bbc6b1b13aa97a6a340fbd7ca2a0ef3d9d
b9635c09e3af313d624d7bfb2faca2e2346756abe1721e689c78b6d7cdbb4c39
bbb689171a57b1eb95ef20676cecf058360206cd4753d89e6155e2f4f57575a2
be0e109552debcc662723934bf2097b0d700b49448cedf92c0aef3902a69617f
be3e6a42b3069b41fa545824978a0b601b4de059253749ad57c8fd1b6bddf45e
befa8b01a8554b81b8290c55ba3da26b75b0f13920156d313fb4e4d08718ea24
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
ca90d5814c90434d3bd1d36a0c6548911f10194a0fe86e9cd1be4dd369e23baa
caaa5ca8a0cb141b10af77b40adf1af9c39b4c87de2c1c0ea444e5add41463c3
cdfae1a14a6a6513f7e8afd50a514386cc2684a0d09bea4b0246d0ba183d2089
ce1e62ec76ac72bb605aac4bf9ddc9f22711ba7dc821bd04c42828976b1e378d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dab19af140a499fcb4302cce17dc025552c094d03631540c010cd6c25cdd84
d1a9e2b6833dae8729553019a14aa4bc080d95e890b7944f068cfb252b98bf1d
d26fab162048604ea173c52c7cb77e5baa55d19073bce450b2fd449e3f6b1881
d328a8d4222680e6c710a368323979d8baadeac4771127b47a92df5b5cbfb709
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
dbe3b976cb29e2e48ffbe0a292f56792249c05de78ee19c957573d294da2053e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de4d39d697730b1b7085d38fc92adfe4bab7f16e6aee24d50b481d32b26ccff1
e0352d61a99875d75be85aef0b849a74dbcd14d6bce6f8d71c7e5ff2ffdbcd6f
e0d533062c59ff8a0279fc9429946e377862bf25b1ad920864b9a71895ecfc78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8de177b6c894e9d8a9eeef473b9383220d64b237725527cb13296e2a701bfff
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaad8e5b3abc10a8518e1f8dae5ecea96dc45db3c7461113c9b5f06902e0c50a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec25dea94bb5d3a37b2122635902fcdade629ff9284a9f516a227d84c15ba456
ed612b4bc5d5fc594db9bb0562f9029b05fd4df1e5fc296f3d6837316b5e6e06
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f20e95cf5f1bf871ae164ee529a1c1fabbca94567351ee3169baacadf68f82bf
f34922bc830fe07b84412052407d933809cf522f9ba778b2511fe7575a0e3486
f3c1ca71fa82f349d1bb2b27ca3bddac4edc6de87e4bc7f963892d64c766368b
f506ee3d335c8a083070180d8aefb7d5812afbeb9752e9254457c5f5278d1d17
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa7a632c8018545d842edbd76099eaf599fe284d51a777abcf1d20ecc584d7f5
fcbdda553bc4ce201f5accfa16c3b73f296b326208a24444fb90e3c8f14bd450
ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

mobile.nation.co.ke Open in urlscan Pro 151.101.14.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

99 %HTTPS

39 %IPv6

40 Domains

62 Subdomains

45 IPs

9 Countries

3339 kBTransfer

8546 kBSize

13 Cookies

52 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mobile.nation.co.ke Open in urlscan Pro
151.101.14.207 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

99 %
HTTPS

39 %
IPv6

40
Domains

62
Subdomains

45
IPs

9
Countries

3339 kB
Transfer

8546 kB
Size

13
Cookies

202 HTTP transactions
3 data transactions