urlscan.io logo urlscan.io
SecurityTrails logo

www.nyasatimes.com Open in urlscan Pro
2606:4700:20::ac43:4681  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.nyasatimes.com/
Submission: On July 31 via manual from MW — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 10 countries across 51 domains to perform 250 HTTP transactions. The main IP is 2606:4700:20::ac43:4681, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nyasatimes.com.
TLS certificate: Issued by GTS CA 1P5 on June 13th 2023. Valid for: 3 months.
This is the only time www.nyasatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
45 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.19.54.139 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 23.218.208.23 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
4 2600:1901:0:6... 15169 (GOOGLE)
17 151.101.193.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
8 151.139.128.10 20446 (STACKPATH...)
4 10 23.213.161.145 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
5 69.20.43.192 27357 (RACKSPACE)
2 2a02:2638:d::d 44788 (ASN-CRITE...)
4 4 35.214.138.23 15169 (GOOGLE)
20 146.20.132.182 27357 (RACKSPACE)
5 5 46.228.164.11 56396 (AMOBEE)
5 5 52.23.28.172 14618 (AMAZON-AES)
3 141.226.228.48 200478 (TABOOLA-AS)
15 146.20.132.142 27357 (RACKSPACE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a03:2880:f17... 32934 (FACEBOOK)
3 4 35.156.133.126 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
1 2600:9000:238... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 37.157.5.133 198622 (ADFORM)
1 2600:9000:237... 16509 (AMAZON-02)
9 23.35.236.201 16625 (AKAMAI-AS)
1 3 198.47.127.19 62713 (AS-PUBMATIC)
2 2 213.155.156.168 1299 (TWELVE99 ...)
5 198.47.127.205 62713 (AS-PUBMATIC)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2 67.220.224.144 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
4 5 142.250.185.66 15169 (GOOGLE)
1 52.214.214.124 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 34.224.44.34 14618 (AMAZON-AES)
3 4 37.157.6.254 198622 (ADFORM)
1 35.204.158.49 396982 (GOOGLE-CL...)
6 185.64.191.210 62713 (AS-PUBMATIC)
2 35.71.131.137 16509 (AMAZON-02)
2 185.64.190.75 62713 (AS-PUBMATIC)
5 185.64.190.89 62713 (AS-PUBMATIC)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
2 2 37.252.171.52 29990 (ASN-APPNEX)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 2 151.101.194.49 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 15.235.15.221 16276 (OVH)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 1 35.156.201.21 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.211.152.117 16509 (AMAZON-02)
3 54.251.185.155 16509 (AMAZON-02)
4 34.193.236.118 14618 (AMAZON-AES)
2 2600:9000:249... 16509 (AMAZON-02)
1 1 3.69.181.161 16509 (AMAZON-02)
1 52.46.128.147 16509 (AMAZON-02)
250 65
45    2606:4700:20::ac43:4681 (United States)

ASN13335 (CLOUDFLARENET, US)
www.nyasatimes.com
6    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
5    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
partner.googleadservices.com
1    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2600:1901:0:6072::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
steadfastsystem.com
17    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
10    23.213.161.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-145.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com
5    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    35.214.138.23 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 23.138.214.35.bc.googleusercontent.com
csync.loopme.me
20    146.20.132.182 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    52.23.28.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-28-172.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
15    146.20.132.142 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    35.156.133.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-133-126.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2600:9000:238d:2000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2600:9000:237d:1400:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
9    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    52.214.214.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-214-124.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    34.224.44.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-44-34.compute-1.amazonaws.com
a.audrte.com
4    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
6    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
5    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    2a05:d018:d29:3605:ac8b:87e9:703f:b17f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.156.201.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-201-21.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    52.211.152.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-152-117.eu-west-1.compute.amazonaws.com
vid-io-dub.springserve.com
3    54.251.185.155 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-185-155.ap-southeast-1.compute.amazonaws.com
vid-io-sin.springserve.com
4    34.193.236.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-236-118.compute-1.amazonaws.com
vid-io-iad.springserve.com
2    2600:9000:2490:8600:19:c363:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.stickyadstv.com
1    3.69.181.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-161.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
1    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
48 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 18930
v.lkqd.net — Cisco Umbrella Rank: 14714
cs.lkqd.net — Cisco Umbrella Rank: 3166
t.lkqd.net — Cisco Umbrella Rank: 16380
215 KB
45 nyasatimes.com
www.nyasatimes.com
332 KB
30 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 5058
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 767
image2.pubmatic.com — Cisco Umbrella Rank: 1021
simage2.pubmatic.com — Cisco Umbrella Rank: 763
vid.pubmatic.com — Cisco Umbrella Rank: 7857
st.pubmatic.com — Cisco Umbrella Rank: 1162
160 KB
22 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 861
trc.taboola.com — Cisco Umbrella Rank: 616
am-trc-events.taboola.com — Cisco Umbrella Rank: 14198
images.taboola.com — Cisco Umbrella Rank: 1756
pips.taboola.com — Cisco Umbrella Rank: 1537
cds.taboola.com — Cisco Umbrella Rank: 1770
301 KB
12 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 563
cdn.stickyadstv.com — Cisco Umbrella Rank: 4735
138 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
215 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
162 KB
9 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 15263
vid-io-dub.springserve.com — Cisco Umbrella Rank: 12227
vid-io-sin.springserve.com — Cisco Umbrella Rank: 11747
vid-io-iad.springserve.com — Cisco Umbrella Rank: 10164
109 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
region1.google-analytics.com — Cisco Umbrella Rank: 1914
42 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4425
dmp.adform.net — Cisco Umbrella Rank: 3440
c1.adform.net — Cisco Umbrella Rank: 607
4 KB
6 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1205
195 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 764
4 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 912
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3 Failed
cse.google.com — Cisco Umbrella Rank: 3639
122 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2823
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 350
1 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1054
879 B
4 steadfastsystem.com
steadfastsystem.com — Cisco Umbrella Rank: 180633
24 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
ajax.googleapis.com — Cisco Umbrella Rank: 415
38 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466
ups.analytics.yahoo.com — Cisco Umbrella Rank: 321
979 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26262
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24044
903 B
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1121
s.amazon-adsystem.com — Cisco Umbrella Rank: 319
2 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 417
dis.criteo.com — Cisco Umbrella Rank: 623
938 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
217 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 27106
ui.cleverwebserver.com — Cisco Umbrella Rank: 28117
call.cleverwebserver.com — Cisco Umbrella Rank: 28887
49 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1301
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 746
771 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
531 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5207
562 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
88 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1042
36 KB
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3211
536 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4220
105 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7940
346 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3335
418 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3182
440 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1613
524 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 862
615 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 840
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 802
590 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 859
791 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 595
483 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 380
239 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1196
334 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
7 KB
1 media.net
contextual.media.net — Cisco Umbrella Rank: 639
38 KB
1 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 25027
5 KB
1 gstatic.com
fonts.gstatic.com
22 KB
0 opera.com Failed
t.adx.opera.com Failed
250 51
Domain Requested by
45 www.nyasatimes.com www.nyasatimes.com
20 cs.lkqd.net ad.lkqd.net
15 t.lkqd.net ad.lkqd.net
10 ads.stickyadstv.com 4 redirects ad.lkqd.net
cdn.stickyadstv.com
8 images.taboola.com
8 ad.lkqd.net www.nyasatimes.com
ad.lkqd.net
7 cdn.taboola.com www.nyasatimes.com
cdn.taboola.com
6 simage2.pubmatic.com ads.pubmatic.com
6 pagead2.googlesyndication.com www.nyasatimes.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 use.fontawesome.com www.nyasatimes.com
use.fontawesome.com
5 st.pubmatic.com
5 cm.g.doubleclick.net 4 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
5 sync.srv.stackadapt.com 5 redirects
5 ad.turn.com 5 redirects
5 v.lkqd.net ad.lkqd.net
5 www.google-analytics.com www.nyasatimes.com
www.google-analytics.com
4 vid-io-iad.springserve.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 vpaid.pubmatic.com vpaid.springserve.com
blank
4 x.bidswitch.net 3 redirects
4 csync.loopme.me 4 redirects
4 steadfastsystem.com www.nyasatimes.com
steadfastsystem.com
4 www.google.com www.nyasatimes.com
cse.google.com
tpc.googlesyndication.com
3 vid-io-sin.springserve.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 am-trc-events.taboola.com cdn.taboola.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com www.nyasatimes.com
www.google-analytics.com
www.googletagmanager.com
3 securepubads.g.doubleclick.net www.nyasatimes.com
securepubads.g.doubleclick.net
2 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ib.adnxs.com 2 redirects
2 vid.pubmatic.com vpaid.pubmatic.com
2 match.adsrvr.org ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 adx.adform.net ad.lkqd.net
2 www.facebook.com 1 redirects connect.facebook.net
2 trc.taboola.com cdn.taboola.com
2 gum.criteo.com cdn.taboola.com
2 connect.facebook.net www.nyasatimes.com
connect.facebook.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ajax.googleapis.com www.nyasatimes.com
2 maxcdn.bootstrapcdn.com www.nyasatimes.com
2 fonts.googleapis.com www.nyasatimes.com
1 s.amazon-adsystem.com
1 1f2e7.v.fwmrm.net 1 redirects
1 vid-io-dub.springserve.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 ups.analytics.yahoo.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 vpaid.springserve.com ad.lkqd.net
1 static.adsafeprotected.com
1 pixel.rubiconproject.com
1 cse.google.com www.nyasatimes.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com www.nyasatimes.com
1 call.cleverwebserver.com www.nyasatimes.com
1 ui.cleverwebserver.com www.nyasatimes.com
1 contextual.media.net www.nyasatimes.com
1 ads.vidoomy.com www.nyasatimes.com
1 fonts.gstatic.com fonts.googleapis.com
1 scripts.cleverwebserver.com www.nyasatimes.com
0 t.adx.opera.com Failed ads.pubmatic.com
250 84

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
popup.taboola.com
Subject Issuer Validity Valid
nyasatimes.com
GTS CA 1P5		 2023-06-13 -
2023-09-11		 3 months crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
steadfastsystem.com
R3		 2023-06-21 -
2023-09-19		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
ad.lkqd.net
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.lkqd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-03-29		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-18 -
2024-01-10		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-09 -
2024-02-09		 a year crt.sh

This page contains 36 frames:

Primary Page: https://www.nyasatimes.com/
Frame ID: CF792F81A373CE2A178D8E47B0905192
Requests: 137 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 9557CE6D054054910CCAD7D7958DE20E
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: A732F00D591EFC37A0C938881B90E46E
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: EBB042E1F1881BC5ABEDCBCD8E9BDC55
Requests: 2 HTTP requests in this frame

Frame: https://3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 620EAC96CA42F553957F8986076FF483
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 523A03FBBAB7E4BA394AFB205A83B644
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&adk=1812271804&adf=3025194257&lmt=1690810714&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690810714425&bpp=19&bdt=459&idt=307&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2790698199253&frm=20&pv=2&ga_vid=1086207001.1690810714&ga_sid=1690810715&ga_hid=1332141835&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076409%2C31076425%2C42531705%2C42532317%2C44788441%2C44798156%2C44769662&oid=2&pvsid=3708375072521124&tmod=1669594165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=354
Frame ID: C6BC7A8642383B45196ED44A7197E642
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 1A721CF2D4AD4C72CF5D3D3A162BC281
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 3626904956F5B51E44B6DD2B2087B3A3
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: BBECE275D14EBDD38AC6EF7B5FE62FBC
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 51137237FB99F5C485304466F0E3B43F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df85aa7efb68378%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff14e1a882f5ddcc%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
Frame ID: 2A497E7BCEF4AD33057A8712F3366387
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C72EE6CC02CFE5B1255C172621932B5E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3E0BC315D238F82CDD91D79EC6A6ADC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5053A84DB8F593E022D2102C97B9A7A
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B4DD6E116FB4F6CBEA8A7925CFBBD46C
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Frame ID: F3331358B461994CC6A87C0F1E7106AC
Requests: 14 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Frame ID: 0A3FCA593A60641B878646754E8FD452
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BEDEF066B7780955CE57279E8C487C97
Requests: 11 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7507936083092471926
Frame ID: 2DDA202496D26DF0F2942A17D9ECF8D9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829129191032
Frame ID: 8CD2A02CC15DC5DD73AC870E7B71B5CD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 95CC404E95DAE6F1B3502B977D236C86
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: DAFE8729E6132D80E26D92D98C23F91B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b
Frame ID: FD8BEBD352E4EA99FEDBAD840B8BC49D
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Frame ID: 8CBE3A367782CC62C04D5D472FDA3147
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5CCC338D09C5162880A701738D3F14CD
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent=
Frame ID: E76ED8A0BE6C60F60500C3B3670E9057
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8860384499538037934&gdpr=0&gdpr_consent=
Frame ID: 2325002BA53BA7843774B1CCD26534AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261976733243996306&gdpr=0&gdpr_consent=
Frame ID: 3214E213B011BFCEB74E4A864CB57B58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wgt504sWVeJRypPFKsjF9FFfBSU&gdpr=0&gdpr_consent=
Frame ID: B06B77A676F58C74D9AE68F5A6970615
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMe5XQAAA1wswwA4
Frame ID: 5048AECE83703E8CED1512CC34D86F16
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: F772665C84F74840B6B1C1C7D1001A29
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 9981DD8DD4069386A92173DCED37F74C
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: EA53D49A8731A849FEC0EE88371A9C57
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0847C13A3E5E40FA2901194028C2303D
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 78C88C7A6CBFDE098A8635653313C047
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malawi Nyasa Times - News from Malawi about Malawi - Malawi premier news source updated 24 Hours a day Nyasa Times - Malawi News - Malawi Politics

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

250
Requests

88 %
HTTPS

39 %
IPv6

51
Domains

84
Subdomains

65
IPs

10
Countries

2519 kB
Transfer

8094 kB
Size

70
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
Request Chain 98
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595048832277020971
Request Chain 99
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Request Chain 106
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f41a84a1-a666-4952-98f4-e8fc8d8b4bf5
Request Chain 109
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8090645674011525419
Request Chain 110
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Request Chain 133
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85aa7efb68378%26domain%3Dwww.nyasatimes.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nyasatimes.com%252Ff14e1a882f5ddcc%26relation%3Dparent.parent&container_width=284&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FANCCLeeds&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df85aa7efb68378%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff14e1a882f5ddcc%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
Request Chain 142
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
Request Chain 145
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
Request Chain 146
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Request Chain 179
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7507936083092471926
Request Chain 180
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829129191032
Request Chain 182
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 183
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=91_xirmuSki2TUPDC2WVHA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3611807715 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F75FF18A-B9AE-4A48-B64D-43C30B65951C
Request Chain 187
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F75FF18A-B9AE-4A48-B64D-43C30B65951C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjJpdGllNnMxamFUd0NHMkNPbEd3VGxlZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=9003859226632685610&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc1RkYxOEEtQjlBRS00QTQ4LUI2NEQtNDNDMzBCNjU5NTFD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQCvm55u0py1Q-UdQoNqDM&google_cver=1
Request Chain 191
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9003859226632685610
Request Chain 206
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8860384499538037934&gdpr=0&gdpr_consent=
Request Chain 207
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261976733243996306&gdpr=0&gdpr_consent=
Request Chain 208
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wgt504sWVeJRypPFKsjF9FFfBSU&gdpr=0&gdpr_consent=
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMe5XQAAA1wswwA4
Request Chain 212
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F75FF18A-B9AE-4A48-B64D-43C30B65951C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F75FF18A-B9AE-4A48-B64D-43C30B65951C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 213
  • https://pixel.onaudience.com/?partner=214&mapped=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 216
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_09bfd7b2-5213-4b49-b700-54a3ccedae14&bsw_param=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 218
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8522991238239093035&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 234
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=66301f28733e4318fca91f8fbe1ce6f9&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v19d2_7261976737536700354&gdpr=0&gdpr_consent=null HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/66301f28733e4318fca91f8fbe1ce6f9?gdpr=0&gdpr_consent=null
Request Chain 239
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjYzMDFmMjg3MzNlNDMxOGZjYTkxZjhmYmUxY2U2Zjk=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 240
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=66301f28733e4318fca91f8fbe1ce6f9&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 248
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
Request Chain 251
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
Request Chain 252
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU

250 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nyasatimes.com/ 		258 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
89d3327f4c0aedb14e2bae462ef75d2e6c6c74b408e5dd428bc2f3c6c516ec95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ef63e11ae1d2c65-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:33 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.nyasatimes.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk2cIP47c%2FQxU%2BWgeGJPnbooNHqROQi2R4u4Pzlr9E0BVqfAMfS7J95D3fP1DyjJhaSR4QFjS6IA4Ht2aAsjhadHlLXFIgZiA9zDP0xq2i04wvhYrWw%2FDCG1FSfxur6fzUiSGmLbwEgMLeUOn0AArA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
M3fjeLyk7JJhMLomVwSKQ53ZBAg.js
www.nyasatimes.com/cdn-cgi/apps/head/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/cdn-cgi/apps/head/M3fjeLyk7JJhMLomVwSKQ53ZBAg.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34141e57b1afc6233de17f6fc96ef59921c1c2b4b4a22abb5b2abb8471903078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
x-amz-version-id
SiHF84emP6.sTBB16lj.gFOIUL7jYyUk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AE1YY73812F1MT83
age
1209616
x-amz-id-2
fxdwZ0c9kYFFjlHaANn4uRGTlMszAid53IT1SROnAMsRM8t3UVz5rdf2xwR9s0h8dLPI5iy3L6A=
last-modified
Mon, 24 Jul 2017 16:32:42 GMT
server
cloudflare
etag
W/"b1d0773f46e4295122cb158c4e70b960"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRbZDUO1QynkKo1MgSioCJMETaFuiY%2F5KDXqGACZSBUw63Wkg3aJ8OaVEbPeadlsqqQrTL6sonS0okmmW5ACPCbFWytoo8i7%2BWH4YZBs%2Fwo7UW6L2KCqn%2BurZS36HeCP4A5AkkjqcbaJ7rMQ6kph9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ef63e126f482c65-FRA
style.min.css
www.nyasatimes.com/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Apr 2023 19:33:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4715048
etag
W/"642b2a23-17ced"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub%2FfZzztLYBFMkNEWCr1Wut%2Fz98Kgrtz8F7IvJjhQpeU2ZwKO7dcRst%2FR%2FNrmOo0p9SkzjWKE64UN7b2zXUUGfdlkGnnLqKR1MKtgbjL2%2FeMsShZgwNiQwZvgFW4fwlffc3zXAMQKO3DrEhyENCv%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e125f432c65-FRA
classic-themes.min.css
www.nyasatimes.com/wp-includes/css/ 		291 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Apr 2023 19:33:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1902058
etag
W/"642b2a23-123"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8K37be4D20gUx0QO4dv30iFjnOA1PDFTLaOVaR4pxcQwZS8Lo7CmUIvFmUQ0YPbCGdKLGmj913jFGjERTSd7eWFdGiKISDrC2clDSu7ClZf9l0j8viFxQAE7r8KKlUw%2BfxlnVVqIgCn%2Bm2WXk3pPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f452c65-FRA
admin-bar.css
www.nyasatimes.com/wp-content/plugins/anti-spam/assets/css/ 		1 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.3.5
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ee6c44dba2d020c99ee1c1c28aa32fe0597e689f200641eacd565c93b6592d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
282298
cf-polished
origSize=1325
cf-bgj
minify
last-modified
Mon, 03 Apr 2023 19:35:06 GMT
server
cloudflare
etag
W/"642b2a6a-52d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfr%2FJJv9%2BPxCN%2BOsNwyvOLCvmmNFCmYQ%2FhgwGDOTvOuT2vGN0gqsd35tVqEfPcovdNhO%2BKv6QZAzZDuEAtU2xtiHXIOj5X6yYspuYaBhchQWKnR2qTfNhQRUMfloSYn3Y0HqqstCPuTEVKmzrB%2F5pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f462c65-FRA
style-frontend-pro.1.20.3.css
www.nyasatimes.com/wp-content/plugins/social-pug/assets/dist/ 		99 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.1.20.3.css?ver=1.20.3
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1330149b58ea530b6d98561b09492c76444eb391ed0252b3cf83b6367c8d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1902058
cf-polished
origSize=101837
cf-bgj
minify
last-modified
Wed, 08 Mar 2023 16:47:47 GMT
server
cloudflare
etag
W/"6408bc33-18dcd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Cmra87nvzy9qdMEbbFdGmWY%2BOts5fO6gTgTOutG%2BQv6WgHIOG8GdPsD2crro0pD8Arqm9t62lLy7e0YYEz8P7a9hjvvo4jM5CbB%2FPHE6Pv6GSimg%2B0j2tHnpTX2SHA1%2FRlCK%2F7vamOqfzuT8FLJhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f472c65-FRA
widget-options.css
www.nyasatimes.com/wp-content/plugins/widget-options/assets/css/ 		1 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16301113
cf-polished
origSize=1046
cf-bgj
minify
last-modified
Sun, 25 Sep 2022 07:22:35 GMT
server
cloudflare
etag
W/"633001bb-416"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPczbzYgDR94xiX3NX4vQcSuQqu7Khj%2BV7D0cHF59IwuMHr2SRD%2FbYyw0aj2aJtCE9lvt7B5PYddL88nIGiq7XfyUwembQhDC9kTOvQRB5fxNkKG3LAe1rfYJwpNo4bv4TmdaCk6fh0l9Fiz4UPnzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f492c65-FRA
style.css
www.nyasatimes.com/wp-content/plugins/wordpress-social-login/assets/css/ 		266 B
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086dd0789baa90ee55446b3fdfbe2dac6d34db27b6c290db991115df75636571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301536
cf-polished
origSize=268
cf-bgj
minify
last-modified
Tue, 13 Oct 2020 12:41:59 GMT
server
cloudflare
etag
W/"5f85a097-10c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upCWzAxT8MaPmhTkY1LzRWwIyZ2GH%2FmHhzB9CWWglPE7osHrGoEX%2Fwx%2BqRxj5YsHYjNiAtktoupeyhR4ayf9MBsqOnZjU9zshoWEUjW354IRYfRupIb4JwGl8U4%2BEdbLa4rB0giRzXVsIoDjXMqwdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f4b2c65-FRA
email-css.css
www.nyasatimes.com/wp-content/plugins/wp-email/ 		271 B
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-email/email-css.css?ver=2.69.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ef094661f1728db1227856980d99c6c660b18ae608226038ab7a987697ae46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
989944
cf-polished
origSize=339
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 00:59:17 GMT
server
cloudflare
etag
W/"64b886e5-153"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjWFX%2FpE5bL%2FbTnsPiwOxFGcQgWckjKVd0UJECbOqrNBUY09RpoZ6jsaW0I3EHAiGmldeiZUU0Lzzq1p5k1a6r0rk7eBqAFS2lHhb%2BQjCI97Ps%2BCyQlbKOsYo41U4uD7xSClH4M638jzNqXiQeBRsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f4c2c65-FRA
polls-css.css
www.nyasatimes.com/wp-content/plugins/wp-polls/ 		2 KB
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.77.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313306
cf-polished
origSize=2708
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 23:49:09 GMT
server
cloudflare
etag
W/"644c5b75-a94"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REtbEtS0O2hxy9K%2FhiJeb98sOYo5wzqC8k28NZRTTDHl2SLNP2w96uYLTuHvVvIHo1C7DdUj97O95J1Lo16hgX5rFR3LLizgJXlr0VSo%2By8OkuO9ew3dymYodSDYjjwJzJpcrtlCkd%2FA6qqVHgTi1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f4d2c65-FRA
twitter-feed.css
www.nyasatimes.com/wp-content/plugins/wp-to-twitter/css/ 		1 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301411
cf-polished
origSize=1742
cf-bgj
minify
last-modified
Mon, 29 May 2023 07:21:37 GMT
server
cloudflare
etag
W/"64745281-6ce"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdElDz4ksX8DT6VdkTaPqZFqoKwxZ2u3xHcCTxTEcrBbg1Q4gD3e2Sn54M%2FW5s2rXdoognwYKpV0kBytB1nO4FwYKBdTdgfWZt%2F5W81LQ10wCI4d9c9%2BA9BsTymgdg3wz0cMIpyUQ1yAm6DE75tN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f4f2c65-FRA
frontend.min.css
www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/css/ 		101 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.12.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a2d7122993ca65b09a265a92ab7275d283afa3edeca1c735f37b0b05490fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 19:21:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
282298
etag
W/"64ac5a43-19578"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRW0e012Y2nG2Bw8MjTDx9jxIHdQ%2Bd%2FhXNU0Jdr2ewTEkx9X%2BGztHHdUuN8K7LXlBOQfpemu0LWsDBTq%2Bm%2B0ErAVjMA2zESjBqn0My7LkPkAZiYBZsiUpcnBapjOeP3WGkKluBr3kYl5OSl%2Blg3S%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f5b2c65-FRA
flatpickr.min.css
www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.12.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 19:21:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1780859
etag
W/"64ac5a43-3601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qkn8Jav5vUNLGFkzPwd9j6EyfBDcAVqdfaX9e3xIswaHwUxMUYjZldhombWFScjmrU1ys26IIpEKFTZmZZfGv9sxdbNBSqqSXAbFqMWwfBfygqJyMHMJfqM1L1f1pQRbRGd%2BealUpRdgomeub2UbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f5d2c65-FRA
select2.min.css
www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/select2/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 19:21:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
282299
etag
W/"64ac5a43-3a75"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoSkEtivEmc6eTZTfqpc%2F9EL%2FMAnpFrVJ%2BsND13BhsiiFd2wXahR4Bq8i1JLrzQCFGfMdgWwDZHqd5IICjpO5uIsZzipzIpO2smqNMCkzK3Ksbd6aPO1jeOi4LsaEiYcNwwGaxyUxciQmQWACHr60g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f5f2c65-FRA
dashicons.min.css
www.nyasatimes.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/css/dashicons.min.css?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
282298
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5BZRvohav4fGowwKp5%2Bl4DrZzm94APsVt2q7r%2F9UV5ZpvWEVuIzAJQKKS2xYtooJ1KGiUsFgimt4SfOiXcMzobxFQBgKOvvGAuSuoHgNK%2B%2Fm%2BZHskCsVe3ZJD0lsONwx2WVzZDC54aR9SgtxNF8GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f602c65-FRA
wpp.css
www.nyasatimes.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 		438 B
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.2.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536129
cf-polished
origSize=1672
cf-bgj
minify
last-modified
Tue, 25 Jul 2023 07:21:36 GMT
server
cloudflare
etag
W/"64bf7800-688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjLMZo9QpsdyEFMagkCfJrsbFnUBq%2Fj6IFU0sgDj6vV9NfKcGslPa2iPJskVYI3nAApiONvk5OxDx7PGvYYMKgTescYRUUcDRFlgLfyD6UT8Y%2FBaFAqZxeQHJpY8GKKsm%2F23l9XsOutedu6B4%2F6woA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f612c65-FRA
style.css
www.nyasatimes.com/wp-content/themes/nyasa2019/ 		190 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/style.css?ver=1.3
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c043764f2a86eb9a5956c7d47607d277e2f5e9c78599705849539ac951c7653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16301113
cf-polished
origSize=234534
cf-bgj
minify
last-modified
Tue, 20 Jul 2021 05:37:01 GMT
server
cloudflare
etag
W/"60f660fd-39426"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPRVri%2B3HoaL32NcylzSGNPaacKhQtKOcwQ8WCLzCQXGaGPvW9VZKIjDpwPDjhwlkjrh%2BgLkNL9G0QG3vR4uPj%2BKbnD8g9T8ipa7Aq2iZHppp1zs1Noiq8Tdl%2Fawe8JB1t7aHdpEVPEkyJvtQhij3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f622c65-FRA
style.css
www.nyasatimes.com/wp-content/plugins/newsletter/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/newsletter/style.css?ver=7.8.9
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fedfc9cb55ef860d81685746a7bac6474be8bd713f094ebf5d2b2fcead43f052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
282298
cf-polished
origSize=5753
cf-bgj
minify
last-modified
Wed, 26 Jul 2023 19:21:36 GMT
server
cloudflare
etag
W/"64c17240-1679"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BWxxoZ%2FJrh5KgLW5LAQUSfSbFmAPR5SpX1AYTHWAcErirxy7zQvTZv%2BJVkKpMhSmFTUm4L%2FvrsXhe9FN%2FTSowWqjKzuvdt74EK2czMvSkNQ9v%2Bb8XiAIA02Qa%2BAUhL%2BkrgaZOm864Nfkk175eZvMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f642c65-FRA
all.css
use.fontawesome.com/releases/v5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
037MH5D1EJZS2TX9
age
790124
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4wmkkgsHY9x/BBlY2/qOvAixEFogZyPxVBwjyS/pmO814IwJEFOsCO1whN6ZN8jNFUwrE9xvt9I=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwU5NqROjXknsAqxzMNFYKW6snRvGm0yb8deGm6DEb0s6wn2FFecqKQkL2dypMr7V%2FWwWezXDA0kEvPP8Gjp0FGsOR%2BRulAhRU3EVn7UMdvlrPe9zPdxi0OEkHm2UTtY26vDGVy%2FqtSFUgnbpzUo%2BsjY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7ef63e12ae249110-FRA
v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
48FT40QQ4J0E2Q1B
age
1422583
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nbFrEc/HSSpnv9WyITkoG26mbNZeEaS/PggxnHg8fltQ15hdcvI1vpNZWLcWKf0QF4fYm2bTz0M=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"a034d3c71bee546f625877d7932917f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4U8Jm9klAw897Wm8I895UYUkASb9YrIDHfx8CfzfiIdtCtkt1vQAYDSnkvhsI9Po6E%2FFUx0G1QHjBwZFhTW1xb%2Fzb51fsKEHaLYxzroCyD9UKvTVvGj%2FyVYnoyqbKLZvrp3JNyAHD9HcWavH0Y74Gff"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7ef63e12ae259110-FRA
css
fonts.googleapis.com/ 		2 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=EB+Garamond:700
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3eead5c31242b32b964a0fdc37d7e1d16d41e503ac00a9216bb3872dec08717a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:38:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:38:34 GMT
css
fonts.googleapis.com/ 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 11:44:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:38:34 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
16170931
cdn-cachedat
2021-06-08 14:36:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
53b5576e3eee5c16080f7e14cbccfe17
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7ef63e129c279243-FRA
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FQY4723YNQYET66Y
age
2183754
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6yyh9k/N0sEfEdpRj3VFsUYYfUCOm5hHf0DzUvIHU+fMhNHtjY4rUMSBfFTSMy/tSnSkW6F4gPU=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aEQacvkytWSloJOkPeS5eo3NFC3bUgYCETarCSNlLijdtbOowvaX1j%2Fc7fMxvF3DNFUou8Ciio9X5hmDV07xRTP%2FPLsqrQ%2FUHLXzbRuHZuuMY95lVJHx1ZBWtXcqv71sD5z9bScKz%2FRwQT3wjpgicKu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7ef63e12a95d3621-FRA
nav-style.css
www.nyasatimes.com/wp-content/plugins/pagination/css/ 		870 B
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/pagination/css/nav-style.css?ver=1.2.3
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd7dbb07d154847566c047aec819747188764bb15945bcb61506a06ebd1055e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11295406
cf-polished
origSize=1032
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 19:22:15 GMT
server
cloudflare
etag
W/"641b5567-408"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1WhVB2%2F5JV1hqayaM2Z5QR72aojqjq%2BrjuM3e2PfkljYuV6JPhWYtzMcQMW41AuslQeGflXQ%2BBpgRtgVnnWkKBerbLdSmyE6Ca41grxq8WMHHoAmGv3CWEruFpAMpGzRx9FLymiEzQw2bBGocPMaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e126f652c65-FRA
rocket-loader.min.js
www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jul 2023 12:04:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64c3aed9-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxuKNPjsXkjkv0ne3%2FTQ2G8%2Fbhvs8AVDgob5pDQFTjv02tid2%2FofrTYhtKLhTbwS3RWL0vXxs5xZiEDbUfLcZL4uG8dufuHS2Wc9kNRAlP5ZCOGQJohO9cu1sjm%2BUvsP0PsFefm63gTDeFcBhW7qFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7ef63e12bfb82c65-FRA
expires
Wed, 02 Aug 2023 13:38:34 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/apps/head/M3fjeLyk7JJhMLomVwSKQ53ZBAg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 11:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6850
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 31 Jul 2023 13:44:24 GMT
nyasaStyle.css
www.nyasatimes.com/wp-content/themes/nyasa2019/ 		49 B
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/nyasaStyle.css?ver=1.3
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7ae8fa6fdd13ae233301624fbac06d859f949444e9d04f9aaf648284bb205d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16301114
cf-polished
origSize=374
cf-bgj
minify
last-modified
Mon, 20 Apr 2020 01:58:54 GMT
server
cloudflare
etag
W/"5e9d01de-176"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUK0UWlQN86aGcybXKUTaeLbXtnA0Dtq1nCaZkmnm4Pxly03P%2Fx2qzrdciX3Yy6TC1W7Y6MNJiIu248y114DQVKGJ%2FUG1eRGCmZuxU3KR5IF%2FftxtbKrSzFyo8q6kHz3yksYs2fd%2BA9TC%2FC%2FwQgRRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e12bfba2c65-FRA
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
10826cbc2c4de2a2e27d2883929c5805.js
scripts.cleverwebserver.com/ 		133 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/10826cbc2c4de2a2e27d2883929c5805.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4db2c1a9a26ab0320d238a43b3a06f0a97d4e3b2d65da8529eaaf13c6104d297

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
x-amz-version-id
xbFXxCrNPuncad3qnWammnvLBeqB2iwD
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jul 2023 15:36:13 GMT
server
cloudflare
x-amz-request-id
PEDRCEND5NQMR2HE
age
196
etag
W/"3a138ec87ca7b7883a5c85fc2a3e5109"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7ef63e132b9130d2-FRA
x-amz-id-2
PuRCkND9USGu1hpl0pFmrjqxZ+fKHngMo7o3uMg684YV2uUEqb0UXlMm0JidY9TzqMeNKaVv7jw=
expires
Mon, 31 Jul 2023 14:08:34 GMT
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JA053VDGRA5NSE94
age
2178042
alt-svc
h3=":443"; ma=86400
content-length
74288
x-amz-id-2
l+bgMYqR7MftG2LdI8VR1wNu9oB7N7pa9ctZqL5WNHGV7z5NKkDXOi3BxPlsy/J5cSDOmi0FZsQ=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rsp%2F1ml3Ryv0gU9OBzHstp6Z75%2F%2BGYrGGkZMHCKe7wv81qpL6ojY9QSR2a22cjhUcDSBcWpk0gIA1%2Boft3yWUWarCPzd3zePrEnLWfxuGhFJaiFcO%2BJYE5MNeygwg%2BEjCQxvzWf%2FRHh%2Fx1ZZEZYdgBqY"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7ef63e12f9c53621-FRA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JA0A0X04ZN7CB0MM
age
2183753
alt-svc
h3=":443"; ma=86400
content-length
79100
x-amz-id-2
5A7yLWqjSYKg4gvSvyPH/tCn8P0nagiZ3fLbP2UFxMvG2Wp+yZvEVvd2xqfbQ4lZURb/PhJvQUw=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbGV5gu4jQet%2FOFjbFVN%2FlRBID8rjW39hAk4KiPtYEumg4R1r%2FZuwWL8D%2BOkQyUiE3jq61quk1EPLzi%2F3NbqaFM%2FRKAc3hBAnyjS4lBFzO1inWnzPRy4%2Fzr39MYxHTTMxbaGjaJ2Ji%2FzzRCLamkW8E9N"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7ef63e12f9c63621-FRA
SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ebgaramond/v26/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNkBI9_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=EB+Garamond:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
221d91942858f02c7f3f910ba1d9a1de39e5a2c33ef1313b5e7e25d15877ff28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 11:45:48 GMT
x-content-type-options
nosniff
age
525166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21932
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:16:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jul 2024 11:45:48 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JA076SMNAR7CG567
age
2164989
alt-svc
h3=":443"; ma=86400
content-length
14872
x-amz-id-2
JLvlNZ8Hl8KoFuwYWqNyh/+0fJXT8scuz87I7aBeaXD/LDz4LM4+LMnptyOVTG92UgoChz3wzDw=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FeVI%2BcGqIoCfAGKHpwMFNyLjHIpdvkj5G6VIsBxvDqScIWhYjPhUyivsUqzZRIQyBOv%2BBccXfdLx1fLR3gICbJ4DhUIsuR7%2BoeSUjYvbcgT4m1M8NOkC2aH7pCihNHwi3Ar9A6vcQRdhXbLgLN%2FaeBo"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7ef63e12f9c73621-FRA
query_renderer.js
www.google.com/cse/ 		0
0
maxmegamenu.js
www.nyasatimes.com/wp-content/plugins/megamenu/js/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc6c2e3fda2bdac577c0067ff2b324447b2fa38f8fa20f1624edbd87b6c38b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7836464
cf-polished
origSize=32887
cf-bgj
minify
last-modified
Mon, 01 May 2023 19:22:37 GMT
server
cloudflare
etag
W/"6450117d-8077"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSycSoDL3619D5yebx6f8uk1DhxWdg3XtBunnAf4UXxUq1zXRxOT%2BywPmYUk7XvxR4Rw15exQ02bBjATYfa5Db02mhT5tQUpcGTsJVp4cpoKHz8Voj9xXUXFK57u0xpUqUnRqC0tr8lPjVK8i4yFpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1368de2c65-FRA
hoverIntent.min.js
www.nyasatimes.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 04 Jun 2022 16:16:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
247731
etag
W/"629b8553-5db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u73U5W8Rb01RaD08UD1hEDHDY7ioM7i%2BpDUj8pgjGjMOjuLYnBsyfDU%2FRpuN7LIpI8dLgpkD1tSymaco9z8brDjNhRO8LqUIqmENPWhoHhLJPJw7YmCHLdZbefErDWd%2FwKCuLY1%2BHhOdR5eL%2FqCeLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378df2c65-FRA
smush-lazy-load.min.js
www.nyasatimes.com/wp-content/plugins/wp-smushit/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.14.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Jul 2023 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
259691
etag
W/"64becf42-1ef2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb03mBCZXMZ5xj7mjmn5YmY%2BwmilqJ1sR2LLLpeH6hJeOPT8IZSBEDwmLnFoT7cJZtWN7lOlbcaDUmlbHoGyH%2Bp%2BGW2dMNB90gj8%2FwtEDefNU75P5eSqsyzGBBCt2uLBEHdJ1NgNm2cETIzUnp5Itg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378e02c65-FRA
lazy-load.js
www.nyasatimes.com/wp-content/plugins/lazy-load/js/ 		568 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f80415ceb19e9bed88e56f5ddd98342d33a5b2c5dbc22e8bff5606d04365a4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263689
cf-polished
origSize=902
cf-bgj
minify
last-modified
Fri, 14 Apr 2017 06:04:40 GMT
server
cloudflare
etag
W/"58f06678-386"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FA01Y%2Fr3qAZ4MeTPOs7nO9xNAE%2Bo1oFnX0W%2BT3kABW6JvNc4ADZGbQzDqQy5t6LiH1fwQ1obfVbkjVULRPFMHvJt9ZLPBMGqjnx7czSfjuHXb8F6C4J39DBBDlIRff5cLVnO%2BxNk7fu3ilB7saaNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378e12c65-FRA
jquery.sonar.min.js
www.nyasatimes.com/wp-content/plugins/lazy-load/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Apr 2017 06:04:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
247731
etag
W/"58f06678-580"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKYhjX1yfBLdwHwAPlf1tKldwhy5MVb4vli%2Bfcohmfdagjzd1QUuiI1P1QNDqcduMwHeW3qc7TQhjnok2j3fnkDTmd%2FIsjNxBNJ6SFBnP7ygt7yFgPsEfJWTQ2BY1yzldkoQ7X2Ai%2BEWUfBkjlXwGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378e32c65-FRA
touch-keyboard-navigation.js
www.nyasatimes.com/wp-content/themes/nyasa2019/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/js/touch-keyboard-navigation.js?ver=1.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f946a58a09b12100b963479c4c8a43a8ec086cc6d8f7f1f58d4e30235feef0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1203079
cf-polished
origSize=9427
cf-bgj
minify
last-modified
Mon, 20 Apr 2020 01:58:49 GMT
server
cloudflare
etag
W/"5e9d01d9-24d3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpvqlYsKDLHZ6Dnz3CWHpbw%2BJmInr8cDp41vaD5VKa2podWE%2B49f6QXjkZoxxzH7B9Tx%2BIxVfXqFjfaX2tLPJUIh94Nn6MVWyAFmkagQ2q2%2BqESFUXy%2BTw93H5xnnL1%2BxMcELNYkqkhWZZ7O5uEg2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378e42c65-FRA
priority-menu.js
www.nyasatimes.com/wp-content/themes/nyasa2019/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/js/priority-menu.js?ver=1.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e950e25bc84e3bdcc5020fc4aa31445faeeaca79fe514759bfb673e060498b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247731
cf-polished
origSize=5355
cf-bgj
minify
last-modified
Mon, 20 Apr 2020 01:58:48 GMT
server
cloudflare
etag
W/"5e9d01d8-14eb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaTieRulWoSgJOy9EUDtAqB%2BYlg%2Bwotudt05N7xwD60gLter5pw9CYQx%2Fa2tX5p7vxvd7sbYUrun5qDyahBSRYFqLHVDCPQ4w1NAMKKhlzhMJRaYd38iumw%2FiNDg6dNROtK5WCujw5APpkdUF%2BSUAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378e52c65-FRA
nyasaFunctions.js
www.nyasatimes.com/wp-content/themes/nyasa2019/js/ 		250 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/js/nyasaFunctions.js?ver=1.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df74cc44b003d2e43bfb7ad76eb3f5efe29d04d9d2573fc83db1f9feb25694a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263688
cf-polished
origSize=291
cf-bgj
minify
last-modified
Mon, 20 Apr 2020 01:58:48 GMT
server
cloudflare
etag
W/"5e9d01d8-123"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5b%2FDiWkMTxokdeZICVZfPj8UMOFeYuVmvXk8SMbnMeIMVIfDJTQ5mG2kUwE0YJ%2BCjJmzsSbv4QtCBvq3bOFN1t8w%2BNjH9iYm0M6bN39XMIOMJY6wRQMmVbiwEvvgSr%2FcimY5QcKQMiiIgv7mcKbZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378e82c65-FRA
frontend.min.js
www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/js/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.12.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17fe7091c0ec8e16acb022f3de1fe6f3ddaf4822eff6010a2c7563e34da7789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 19:21:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
290576
etag
W/"64ac5a43-46cc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENbTDZZNhHCUQWxBTcG2xMK5OoiaV5xdauL8vrUvkvpLzwtloGIlPrKnmKsZ26MRn3y20TejwloCBy674ejLH3Nl58pCA4cA9FwL6lLGoW%2F9IN41Lb65B0%2BPPuznZcrUwEp6j0EkcDsTGs%2FHkpmq%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378ec2c65-FRA
polls-js.js
www.nyasatimes.com/wp-content/plugins/wp-polls/ 		3 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 23:49:09 GMT
server
cloudflare
age
290576
etag
W/"644c5b75-caa"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnGpz58dXlpzRoepBrFcd49TYcrnEAVZL%2FLTd0wGBgmXRVxkdcGOiy97Fe2pJJ%2BjS4HDtX3wUtaFOP9Z2a37hlYXW4Sfd9izsv2yxUZxgOAfQ2HfEtN%2FMdAqrZpGJIifSuzbPKO6QgWvwdboUZLRxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378ee2c65-FRA
email-js.js
www.nyasatimes.com/wp-content/plugins/wp-email/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-email/email-js.js?ver=2.69.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8f2c9cc3007a04609cd1f2bd817334f7a2f2cef686bb41666ccb7d813963145

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
989945
cf-polished
origSize=4494
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 00:59:17 GMT
server
cloudflare
etag
W/"64b886e5-118e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruBusz8ApvCEBTdLBg5ltv7Cl%2FZV7kP7bpTGLq9gQkpN%2FTiNizLgjSW1NweeOHcOApcxlHct3GMVtw1608WnrbLmrst0DiZ4W%2F%2FExdPF4brlpEMybd7J1OfivyiOuL%2F0G%2FOF6aMoG1LgUD4IxzPTcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378ef2c65-FRA
mailoptin.min.js
www.nyasatimes.com/wp-content/plugins/mailoptin/src/core/src/assets/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.62.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56766118b2d88ec07a91240cd9d5ddaa7ede6b39b4578d3fcfbb76e6a1794e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Jul 2023 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
105990
etag
W/"64c566c2-b045"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO1mZy9iWgooP23wEUVuzojzlDtQshVFMy71hPyhXR62F5ERo01tntj%2FlH3PAtnUTF17ABJMw4z%2Barqeaq8Y8Cp4IipBKUtvx1md7iwSVx0xEloUsO0rkj0gb793jDbggP09gwbszpAHr9%2BYyuTbFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f02c65-FRA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.62.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 12:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 12:36:13 GMT
sly.min.js
www.nyasatimes.com/wp-content/themes/nyasa2019/addition/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/addition/sly.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Apr 2020 01:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
247731
etag
W/"5e9d01d6-48de"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGocT%2B57mCc7W482%2F6SPoohksmgn4IhLTFrU88ZU6InzNmGArk6j3p1Pg8Hpj5cFLJEJF9pSG%2BUIIGQYojLv%2BTCjQ69%2BbgDqboRlJ4cw3pAS2Kacax4m%2BGksk0TrVWLHgYvN%2B8suAYZkUDul%2Frfy%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f12c65-FRA
jquery.newsTicker.min.js
www.nyasatimes.com/wp-content/themes/nyasa2019/addition/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/addition/jquery.newsTicker.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8dc6a157ad70bfed83a655e508234cf8f9b136d56fea918d05216338f314e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Apr 2020 01:58:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263686
etag
W/"5e9d01d5-e53"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5z%2FuDkZdDRfYW7ptuFXNVl5Jixbl5CvxPV52vuy3jyCEBCO%2BQ3V8ZsSjZ3jh9%2FMzeOIgUP8dooL%2FDFt6yfEcOmKHRy5AfDDP6c9nMh8FfEb4J1uKTKhhzPnNYqth67d0XFP7LeogpUaBrtw9i8JEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f42c65-FRA
plugins.js
www.nyasatimes.com/wp-content/themes/nyasa2019/addition/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/addition/plugins.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4caac45d7fcf22918f1d9ff3905b22a5960cf631f50ca2a8b3bf1e84af10063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1883834
cf-polished
origSize=4802
cf-bgj
minify
last-modified
Mon, 20 Apr 2020 01:58:46 GMT
server
cloudflare
etag
W/"5e9d01d6-12c2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjmM2Twb8wwW%2Bpf4PEB2nXvYr3tQmD0f%2FRy3KmPqasaEmpvf%2FI1WWdo4xUXC%2BSXjyes%2BWaBUbJU4qBnQEQ2vu6QwMfzvQTiXewqmzmF5FsHa%2FyQwEBRfs0NKabTKnE170Epz8DO7rzWJ8ffy4ZS9gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f52c65-FRA
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
8150580
cdn-cachedat
08/04/2021 06:22:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
59449c1b7ccb1cc51395309c366dc448
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7ef63e137d189243-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 16:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30768
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 16:37:45 GMT
nyasatimes_18120.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/nyasatimes_18120.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
f67458c8ccf0751a52dc1519d75ba355c8c8ffb2028b6aee4a9145629e975333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:34 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5144
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0db5385d1dbc5739d88e22c6c2107924ccc02b77096723764a82fb67ff7e37a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27721
x-xss-protection
0
server
cafe
etag
102 / 19569 / 31076634 / config-hash: 8635427059522567014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:38:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
380e7e97e28c3a505dfdfde6dd4dc626b904a062bbf0cce024dd3186aa4b8f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50662
x-xss-protection
0
server
cafe
etag
15603344438087337014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:38:34 GMT
dmedianet.js
contextual.media.net/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUR7UQX1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
42923a1800bbdce3e53d63be7cbdfaed8a613fe27ededb8c443e434d257538bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-mnt-h
21-3rb1
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 31 Jul 2023 13:38:34 GMT
server
Apache
etag
"1917453d059bd896a786f835f9e99eb0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-qc9v
timing-allow-origin
*
content-length
38706
expires
Mon, 31 Jul 2023 13:43:34 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FKDMWW05QH
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8686a38f30ea14d4b7a8c48415d75633a10910c6ceee1d8d67dc44aaee109d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70792
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 31 Jul 2023 13:38:34 GMT
wpp.min.js
www.nyasatimes.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.2.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7081b35bdd0f1ba60fcb80e1ef5bc535b4010d10bd97cf40a362e67819ab5e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 07:21:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
504946
etag
W/"64bf7800-11aa"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZg0LiO0i6Dp%2Ft88VUtYLakFV8atAYFnwwvOd%2BtsHgeh4CbsB5l6Bsuaxzh4d2BBoVFIV58k9pIWYQQhnRPz5MUoTFlVSzzv1Iq4CycjxMjYgvg6P3Vn5vNyux%2F0A%2FPzGxpeR%2FQgmdlB%2FLfemyTLvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f72c65-FRA
select2.min.js
www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/select2/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.12.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 19:21:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1203079
etag
W/"64ac5a43-114c3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiD33H%2FD7ymPoj0%2B2RnFvLEXivdV9JV3eOSU0gTo%2B1bfo9iAWq6T%2Fs9P6JhroWBNynu44eLoq%2Bt3UkTP2Yy%2BoLQ25xTmC12gBrgf6CRpC9n5Bcq28qTqF7yNo7xUfWjq9Z%2BB5wEGdQT5RBbqSvT%2Fow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f82c65-FRA
flatpickr.min.js
www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.12.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 19:21:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
247731
etag
W/"64ac5a43-c5a4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPJ3VKkOpSnJGUvWS64frVDzNZ6s%2BncGDD65mU8fD6gMhmVHrgkQmfX4k4a0dZdXbTDZYgPTwBwHTerPRqlt4iSamHcod9T1px9axo8kA58LoVhLb3%2BA0h3bZH46q7mMxRieAZpEmAqnCC%2BWC56ZgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378f92c65-FRA
jquery-migrate.min.js
www.nyasatimes.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Apr 2023 19:33:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
247731
etag
W/"642b2a23-3470"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmT2fnc%2FmSdmu8IWJj7%2BOQVy3LuyfR7x%2BPz3tHXXQhx7wKgX7szyCrze5F1ilmoGVGTa3mZJP%2BQW5iVo%2FaJxD98c8Jnp9kdUnZwcDvrWPcYClMQLNYfAmu7eA06xyCA%2FkYweOwTjPhPug1ZWMiz%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378fa2c65-FRA
jquery.min.js
www.nyasatimes.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Apr 2023 19:33:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
333833
etag
W/"642b2a23-15ed7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7vVI0YeEgmeF2tQoGwiY14KUwoK0tiaXHXPPPWTh%2BAOZ%2B%2B7o9hvWLgUHP8F%2B6OXplmVbtszDRXbw0blNAqkqDI%2BrYvgksG5UHsj4BHRRtcd%2BVH6xbAilMfWxWr1rNn1VsNw8xl225LTJDcXvCFEHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e1378fc2c65-FRA
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1332141835&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&ul=en-us&de=UTF-8&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi%20-%20Malawi%20premier%20news%20source%20updated%2024%20Hours%20a%20day%20Nyasa%20Times%20-%20Malawi%20News%20-%20Malawi%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1703648832&gjid=1056791848&cid=1086207001.1690810714&tid=UA-2751252-2&_gid=176002108.1690810714&_r=1&_slc=1&z=2146605979
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5501dbf0d7b8c4b63f89aee3c34e78bb4b30dcef3b31a58246feb5e06c0bcabc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nyasatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ui.cleverwebserver.com/ 		160 B
197 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37996a4c1f063a0e1546f563e8bd6b45c90f346f48a0a35a70f6a53467a0cdf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ef63e13fca430d2-FRA
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2Y6WYB46WC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28c4b0cffe3deab325e86ffa45c5f40e2c13e4e6db70f29e1726e4e077d65ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79960
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 31 Jul 2023 13:38:34 GMT
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=34090&c=DE&r=null&l=56&b=Chrome&os=Win10&mob=0&v=1.45.8&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ef63e145d2a30d2-FRA
content-length
43
content-type
image/gif
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2Y6WYB46WC&gtm=45je37q0&_p=1332141835&ul=en-us&sr=1600x1200&cid=1086207001.1690810714&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi%20-%20Malawi%20premier%20news%20source%20updated%2024%20Hours%20a%20day%20Nyasa%20Times%20-%20Malawi%20News%20-%20Malawi%20Politics&sid=1690810714&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y6WYB46WC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
www.nyasatimes.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Apr 2023 19:33:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
247731
etag
W/"642b2a23-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2rz5Y%2BhCO6DJQyVYYP4J4U5wbJyHD72qMzUMpY3YIVVkS2dT9pbUtkEb1DcWAmryM%2F1YCL2LfSHmOAhzMsU56iJIantS8W29Sko%2B1EuXiWn28LhjDO5e0KYOcU%2F1pky6qoDiIPNWc2QsGgLElDlgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ef63e14dacc2c65-FRA
otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
steadfastsystem.com/v2/0/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
75eba8fe9c854250c1fbd281718aad7ee3d6d963210145cdd54f2ced17469682
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 31 Jul 2023 13:38:34 GMT
x-datacenter
gce-europe-west1
etag
"16a17d5e193d7f9355018fd15bd820b4bffbf4442e6b2b0250251677c8f92f49"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-f5xl
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
946550297
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1332141835&t=pageview&_s=2&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&ul=en-us&de=UTF-8&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi%20-%20Malawi%20premier%20news%20source%20updated%2024%20Hours%20a%20day%20Nyasa%20Times%20-%20Malawi%20News%20-%20Malawi%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1086207001.1690810714&tid=UA-2751252-2&_gid=176002108.1690810714&z=1102063521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 23:42:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50145
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FKDMWW05QH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y6WYB46WC&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
238737450894210282469410cc7d6e03124ddbd43dcae14783d0570220f8cfa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70925
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 31 Jul 2023 13:38:34 GMT
loader.js
cdn.taboola.com/libtrc/nyasatimes/ 		236 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c1801c35c6b674fa41dbac260e0373a1bd07b52fe25261cec4a1434f1e80eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
npFpCaA62NcG9BvXeWI523s_cHzKHTyM
content-encoding
gzip
via
1.1 varnish
date
Mon, 31 Jul 2023 13:38:34 GMT
x-amz-request-id
G7HNKZBV3SBQYJ1R
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
9
x-amz-replication-status
FAILED
content-length
45225
x-amz-id-2
a4HjBju7DqeRejZPlkK9NmxMzu0wwR+gYi5JrQBUeFrX++l+S7kJEflyI07ZBlTwJy3zyfVEcVs=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Mon, 31 Jul 2023 12:58:32 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690810714.437551,VS0,VE42
etag
"ff295150c76833e891728b889376ae67ee42a45f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
13
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/ 		364 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31076425
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dcbd46cde73764ea9a1f2c69f74e8698554cc932ed7cdd09c96e9caee25345b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127831
x-xss-protection
0
server
cafe
etag
1701616569905008894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:38:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 9557 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nyasatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 10:04:53 GMT
etag
12368291122986407432
expires
Mon, 14 Aug 2023 10:04:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/ 		387 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076634
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
7326
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125684
x-xss-protection
0
server
cafe
etag
12611934720420487755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 30 Jul 2024 11:36:28 GMT
collect
region1.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FKDMWW05QH&gtm=45je37q0&_p=1332141835&gdid=dZTNiMT&cid=1086207001.1690810714&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690810714&sct=1&seg=0&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi%20-%20Malawi%20premier%20news%20source%20updated%2024%20Hours%20a%20day%20Nyasa%20Times%20-%20Malawi%20News%20-%20Malawi%20Politics&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FKDMWW05QH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
formats.js
ad.lkqd.net/vpaid/ Frame A732 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1690810714.cds231.fr8.hn,1690810714.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame EBB0 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1690810714.cds231.fr8.hn,1690810714.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:34 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1690810714655027-385
Expires
Mon, 31 Jul 2023 13:38:34 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
324823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6098
last-modified
Thu, 22 Jun 2023 11:16:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942d84-17d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Fd85fnYrWlvcmtoKNvmxOaLRLEpQ3XAc4Pisj2hMwyxSwBgAOXPTbWEtvQY9olT5zzILwOTDdo3kWwCYeyKiPNtcjxpaXhSqVAZne8s%2FmqFh9%2BBIsNmL5elXT8jjh6FZaoK7A5IWuqZyI8A3IuHlQ11"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef63e16196d9031-FRA
expires
Sat, 20 Jul 2024 13:38:34 GMT
impl.20230731-6-RELEASE.js
cdn.taboola.com/libtrc/ 		790 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
893b8c01f38f7d5ba1525463505f7c6301efdf0cd7489f1e5d35e89553cb3799

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
QhyK_xfx2v5PYs4cYcW.aq9JyRbAbkQb
content-encoding
br
via
1.1 varnish
date
Mon, 31 Jul 2023 13:38:34 GMT
x-amz-request-id
DB2578Y77QA58C2C
age
15387
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
167366
x-amz-id-2
BH5642NHQ1GQTuKgHP7unXqHbOnjO50JV8sJxg24MPKZrfIm5DACbs8YWaX1QKsWAGhoHaTF8pI=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Mon, 31 Jul 2023 09:22:08 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690810715.573105,VS0,VE0
etag
"16731059c2be671607df18f11e63f027"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
61299
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fb18064e93dcb5c81e299d654eefd343783121ecaee48efe564f1645c98e5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:38:34 GMT
content-md5
QwMjPkowdkyJBbylBlN2Vg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
oUJipWTOOKdwhCR1RVXWqXhcoyMJJ6yBny6rYiTEXaKgGJrvR9KnvPGEd+wsGT8mYwLVxFa1Bt1waBSsf+E/TA==
x-fb-content-md5
ed16cd2cf2a1c8120fe335ebacc70d81
cross-origin-opener-policy
same-origin-allow-popups
etag
"ad7ea4d01bcdf93f32b5bc3a13509b3d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:45:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3708375072521124&correlator=791347602349996&eid=31076634%2C31070232%2C44769662&output=ldjh&gdfp_req=1&vrg=202307270101&ptt=17&impl=fifs&iu_parts=4176794%2CNyasa_Article_sidebar_block%2CNyasa_Category_Header_Block%2CNyasa_Category_Sidebar_Block%2CNyasa_Common_Header_position1%2CNyasa_Common_Header_position2%2CMiddle_Above_tabool_Below_National_block%2CNyasa_common_sidebar_position1%2CNyasa_common_sidebar_position2%2CNyasa_common_sidebar_position3%2CNyasa_common_sidebar_position4%2CNyasa_Common_Top_Below_Menu%2CNyasa_Home_Slider_Main_Block%2CNyasa_Home_TV_National_Block%2CNyasa_Home_TV_Politics_Block%2Csidebar_near_sports%2Cbelow_sports_block%2Cabove-politics-banner-block%2Cnyasa-above-national-block%2Cnyasa_home_page_taboola_ads%2Chomepage_below_national_taboola_spot%2Cnyasa-sidebar-position5&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21&prev_iu_szs=300x600%7C300x250%2C728x90%2C300x250%2C728x90%2C960x90%2C960x90%2C300x250%2C300x250%2C300x250%2C300x250%2C960x90%2C300x600%7C300x250%2C300x600%2C300x600%2C300x600%2C728x90%2C300x600%2C728x90%2C320x480%2C300x250%2C300x250&ifi=2&adks=1801456199%2C1950623358%2C3010452982%2C1568645639%2C4017240066%2C374385371%2C1466105136%2C177676931%2C3789237611%2C2364952587%2C116743872%2C3840145581%2C4173879494%2C4066301068%2C2082777274%2C1780114845%2C158462088%2C174435938%2C2104184255%2C2444207991%2C1461351461&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690810714644&lmt=1690810714&adxs=-9%2C-9%2C-9%2C578%2C-9%2C105%2C1140%2C1140%2C1140%2C1140%2C320%2C653%2C105%2C1145%2C-9%2C105%2C120%2C436%2C543%2C-9%2C1140&adys=-9%2C-9%2C-9%2C35%2C-9%2C1345%2C2336%2C3771%2C4866%2C5168%2C79%2C105%2C801%2C1360%2C-9%2C3212%2C1345%2C743%2C1345%2C-9%2C5470&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C0%7C-1%7C1%7C2%7C3%7C4%7C5%7C0%7C0%7C0%7C6%7C-1%7C7%7C8%7C0%7C9%7C-1%7C10&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nyasatimes.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C946x1%7C0x-1%7C960x0%7C300x250%7C300x250%7C300x250%7C300x250%7C1600x0%7C300x0%7C417x500%7C320x520%7C0x-1%7C1014x0%7C422x600%7C1390x0%7C591x600%7C0x-1%7C300x250&msz=0x-1%7C0x-1%7C0x-1%7C916x0%7C0x-1%7C960x0%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1600x0%7C300x0%7C300x-1%7C300x-1%7C0x-1%7C728x0%7C300x-1%7C728x0%7C561x480%7C0x-1%7C300x-1&fws=2%2C2%2C2%2C0%2C2%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C4%2C4%2C4%2C4%2C2%2C4&ohw=0%2C0%2C0%2C0%2C0%2C1420%2C1420%2C1420%2C1420%2C1420%2C1600%2C1420%2C1420%2C1420%2C0%2C1420%2C1420%2C1420%2C1420%2C0%2C1420&ga_vid=1086207001.1690810714&ga_sid=1690810715&ga_hid=1332141835&ga_fc=true&dlt=1690810713966&idt=612
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dcba34437763d6fcd207c0db28ee8446ba6377affc4f00a3b0e1f8976277404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
638
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 620E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076634
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nyasatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:38:34 GMT
expires
Tue, 30 Jul 2024 13:38:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame 523A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Mon, 31 Jul 2023 13:38:34 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1690810714.cds231.fr8.hn,1690810714.cds226.fr8.c
ad
v.lkqd.net/ Frame A732 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=55469766&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d3c101a3a697ae472703105ac8f906a5af0cbe3f325319fb41ff13e8d602660d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1417
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
220127
expires
60
json
trc.taboola.com/nyasatimes/trc/3/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nyasatimes/trc/3/json?tim=13%3A38%3A34.727&lti=deflated&data=%7B%22id%22%3A579%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690796109472%2C%22vi%22%3A1690810714721%2C%22cv%22%3A%2220230731-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nyasatimes.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.nyasatimes.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6500%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22organic-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Sidebar%20Thumbnails%22%2C%22orig_uip%22%3A%22Sidebar%20Thumbnails%22%2C%22cd%22%3A2336.28125%2C%22mw%22%3A0%2C%22amw%22%3A327.5%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CSidebar%20Thumbnails%3Dorganic-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96655b4832003672cac500e6079e0b4d28c64b91ede43612d302ec059bfee2a5

Request headers

Referer
https://www.nyasatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
76
date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7265
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230113-FRA
server
nginx
x-timer
S1690810715.751484,VS0,VE76
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cookie.js
partner.googleadservices.com/gampad/ 		395 B
334 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nyasatimes.com&callback=_gfp_s_&client=ca-pub-6272874513322487
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31076425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0e618481ea4d1ed6ac8ce59747a2ea42bbe13fbcb462c2d301891ff21e9d53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C6BC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&adk=1812271804&adf=3025194257&lmt=1690810714&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690810714425&bpp=19&bdt=459&idt=307&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2790698199253&frm=20&pv=2&ga_vid=1086207001.1690810714&ga_sid=1690810715&ga_hid=1332141835&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076409%2C31076425%2C42531705%2C42532317%2C44788441%2C44798156%2C44769662&oid=2&pvsid=3708375072521124&tmod=1669594165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31076425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1de51499abe09b8c8f6b804fa2cd9c2678cb1da29af22981f54b10fc482e196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nyasatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
4474
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:38:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame 1A72 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Mon, 31 Jul 2023 13:38:34 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1690810714.cds231.fr8.hn,1690810714.cds226.fr8.c
ad
v.lkqd.net/ Frame EBB0 		180 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151942&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=73635890&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7e3fa7460cd93363b01e6225aef4c1a7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c8a397874e44fdae2d8a9e5f7da22bb86da5052eb00841c890b9da80cea068b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:38:34 GMT
content-md5
Bp+7pRc6QXs9KC98kJBTfw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87282
x-fb-debug
dtg5i+SphLYJVqwKfosJaJAMNywnmGGfZg+oE6yQByMBEAmqr1vzXOVKroPNhyi4eyhqeQ/Ncl3pnIIM7zu1RA==
x-fb-content-md5
61e51a1c37fd061b58cd556abe4d6e68
cross-origin-opener-policy
same-origin-allow-popups
etag
"bc89487f6b64f0ee3ea30896cc64388b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 30 Jul 2024 11:35:32 GMT
cs
cs.lkqd.net/ Frame 523A
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
date
Mon, 31 Jul 2023 13:38:34 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 523A 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 523A 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 523A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595048832277020971
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595048832277020971
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8595048832277020971
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 523A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Date
Mon, 31 Jul 2023 13:38:35 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
userx.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
173c5232fc94635df462181cf6ffeeaecc0ce9604a65d33e64ecf1e28543d8f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
b.LxcSy4x.oWobAvxHK7oOSdoFQwVh8G
content-encoding
gzip
via
1.1 varnish
date
Mon, 31 Jul 2023 13:38:34 GMT
x-amz-request-id
VNXZ1NZ6HVWST3VS
age
13160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
qHM0BOgx4bLBaUclllFIDNhUmcCbAwqeYEAfAXNVFFivr0XAIQEcXuYhu7RO1k8J5d/SpJPxs68=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Mon, 31 Jul 2023 09:59:15 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690810715.883399,VS0,VE0
etag
"4633f109c0e362cb40c332c3e03c7e19"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11769
distance-from-article.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24011b4c797fe6c785e814b4ca1ab08109552ab9defeaae981e06163eb196bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
HzdPm.0YMVU8S948jvcVyl4DxlVgK1GL
content-encoding
gzip
via
1.1 varnish
date
Mon, 31 Jul 2023 13:38:34 GMT
x-amz-request-id
7NSFZ0XTA4TS26RF
age
13203
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
9Phu0wk+CjDZ4uPnn+Kb1FhShww7JrCEmqdWk2f3GQc9/dN7WuTA2l80PCkjymchpvM/oQtnrFk=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Mon, 31 Jul 2023 09:58:32 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690810715.884087,VS0,VE0
etag
"38262a77ac29a3d8422798ec47509b83"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
57
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
40586
article-detection.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e02dd34b1017ee295f27243e309b54b618988cb0788bcc3acf49824b0ed6175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
u7Uw5nN0XKnEmpPIZbxOjiGHgj_aqONN
content-encoding
gzip
via
1.1 varnish
date
Mon, 31 Jul 2023 13:38:34 GMT
x-amz-request-id
PTDRY4E75ND07JPN
age
13212
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1270
x-amz-id-2
CsBHbRsX8YV60e4kP8x9kIcCe2PQraVKTfg95C5G0mNSV4qHmTYRr62EwvuxYf1cH0qXFbTvl+o=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Mon, 31 Jul 2023 09:58:23 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690810715.884571,VS0,VE0
etag
"bb42833ba8fd0dfde0c2c3076d001e2c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
40531
abtests
am-trc-events.taboola.com/nyasatimes/log/3/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/nyasatimes/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1690810714885%7D&tim=13%3A38%3A34.885&id=3117&llvl=2&ri=cb26b224c16fc2f23b9258ff4d3c9ecd&sd=v2_b7071dcd50d1539b38d284898b663f9b_e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda_1690810714_1690810714_CIi3jgYQlfg9GOGUsOGaMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABowen75N2l19oVcAA&ui=e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda&pi=/&wi=5270655214635861899&pt=home&vi=1690810714721&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.nyasatimes.com
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/nyasatimes/log/3/ 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/nyasatimes/log/3/abtests?route=AM:AM:V&lti=deflated&ri=cb26b224c16fc2f23b9258ff4d3c9ecd&sd=v2_b7071dcd50d1539b38d284898b663f9b_e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda_1690810714_1690810714_CIi3jgYQlfg9GOGUsOGaMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABowen75N2l19oVcAA&ui=e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda&pi=/&wi=5270655214635861899&pt=home&vi=1690810714721&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690810714876%7D&tim=13%3A38%3A34.877&id=3200&llvl=2&cv=20230731-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Kamuzu-Banda-600x341.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/Kamuzu-Banda-600x341.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4bc844d4b4b93d1895abe0c9f4ed0f0a56d0ca243d8849906acb0dfb014bff19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 31 Jul 2023 13:38:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/Kamuzu-Banda-600x341.jpg
age
475358
edge-cache-tag
480903767145319335824201448764074094905,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
480903767145319335824201448764074094905,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
fastly-restarts
1
content-length
18235
x-request-id
66b157d824eb2e0a4e415e18cac5992d
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100086-IAD, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230113-FRA
last-modified
Wed, 12 Jul 2023 18:11:01 GMT
server
cloudinary
x-timer
S1690810715.913261,VS0,VE1
etag
"9bb2c98c18e4be6e30bb43e59abc8cfb"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1
cs
cs.lkqd.net/ Frame 1A72
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f41a84a1-a666-4952-98f4-e8fc8d8b4bf5
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f41a84a1-a666-4952-98f4-e8fc8d8b4bf5
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f41a84a1-a666-4952-98f4-e8fc8d8b4bf5
date
Mon, 31 Jul 2023 13:38:34 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 1A72 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 1A72 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 1A72
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8090645674011525419
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8090645674011525419
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8090645674011525419
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 1A72
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Date
Mon, 31 Jul 2023 13:38:35 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
a-Nyasa-Times-pic-8846-433x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ed4c20498ac853bf62cc34c3eb6c9ef0ad4235375846a158ba66a23f90f7c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 31 Jul 2023 13:38:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
age
1600566
edge-cache-tag
478771477851942152707830282756227774051,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
478771477851942152707830282756227774051,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
978
expiration
expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nyasatimes.com/
content-length
5092
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100029-IAD, cache-sna10740-LGB, cache-iad-kjyo7100108-IAD, cache-fra-eddf8230113-FRA
last-modified
Wed, 28 Jun 2023 08:26:25 GMT
server
nginx
x-timer
S1690810715.914737,VS0,VE1
etag
"306605ee795c416678b92b20cd5686b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 290, 1
IMG-20200603-WA0031-1-450x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/IMG-20200603-WA0031-1-450x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d490805186f0d4fcdffe1ad64daca7040cb96b48d413f5d6afcf8252c64f4dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 31 Jul 2023 13:38:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/IMG-20200603-WA0031-1-450x600.jpg
age
800926
edge-cache-tag
373455509098978435695418437586397858699,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
373455509098978435695418437586397858699,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
247
expiration
expiry-date="Sun, 06 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nyasatimes.com/
content-length
4502
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kiad7000030-IAD, cache-sna10727-LGB, cache-iad-kcgs7200047-IAD, cache-fra-eddf8230113-FRA
last-modified
Thu, 06 Jul 2023 23:52:45 GMT
server
nginx
x-timer
S1690810715.914716,VS0,VE1
etag
"28c426cf92630997cc9a54e04d425fe3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 18, 1
chakwera-walks-down-aisle.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
346e4da8750273e0fb681009166c52e197d2b79bc26f72cdd86dd64d3980c2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 31 Jul 2023 13:38:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
age
3400306
edge-cache-tag
616705552187753092117069784286501964199,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
616705552187753092117069784286501964199,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
459
req-referer
https://www.nyasatimes.com/
content-length
8270
x-request-id
a892db4c2f985785ddb1df23005b75dd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000171-IAD, cache-iad-kcgs7200098-IAD, cache-lga21954-LGA, cache-iad-kjyo7100070-IAD, cache-fra-eddf8230113-FRA
last-modified
Mon, 12 Jun 2023 00:19:56 GMT
server
nginx
x-timer
S1690810715.914770,VS0,VE1
etag
"0d7d02eca9815bf7db1bded634d5c882"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 547, 1
supply-feature
am-trc-events.taboola.com/nyasatimes/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/nyasatimes/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=cb26b224c16fc2f23b9258ff4d3c9ecd&sd=v2_b7071dcd50d1539b38d284898b663f9b_e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda_1690810714_1690810714_CIi3jgYQlfg9GOGUsOGaMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABowen75N2l19oVcAA&ui=e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda&pi=/&wi=5270655214635861899&pt=home&vi=1690810714721&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%221277.203125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A38%3A35.009&id=2466&llvl=2&cv=20230731-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Kamuzu-Banda-600x341.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/Kamuzu-Banda-600x341.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4bc844d4b4b93d1895abe0c9f4ed0f0a56d0ca243d8849906acb0dfb014bff19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/Kamuzu-Banda-600x341.jpg
age
475358
edge-cache-tag
480903767145319335824201448764074094905,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
480903767145319335824201448764074094905,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
fastly-restarts
1
content-length
18235
x-request-id
66b157d824eb2e0a4e415e18cac5992d
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100086-IAD, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230113-FRA
last-modified
Wed, 12 Jul 2023 18:11:01 GMT
server
cloudinary
x-timer
S1690810715.011076,VS0,VE0
etag
"9bb2c98c18e4be6e30bb43e59abc8cfb"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 2
a-Nyasa-Times-pic-8846-433x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ed4c20498ac853bf62cc34c3eb6c9ef0ad4235375846a158ba66a23f90f7c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
age
1600566
edge-cache-tag
478771477851942152707830282756227774051,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
478771477851942152707830282756227774051,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
978
expiration
expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nyasatimes.com/
content-length
5092
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100029-IAD, cache-sna10740-LGB, cache-iad-kjyo7100108-IAD, cache-fra-eddf8230113-FRA
last-modified
Wed, 28 Jun 2023 08:26:25 GMT
server
nginx
x-timer
S1690810715.011513,VS0,VE0
etag
"306605ee795c416678b92b20cd5686b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 290, 2
IMG-20200603-WA0031-1-450x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/IMG-20200603-WA0031-1-450x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d490805186f0d4fcdffe1ad64daca7040cb96b48d413f5d6afcf8252c64f4dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/IMG-20200603-WA0031-1-450x600.jpg
age
800926
edge-cache-tag
373455509098978435695418437586397858699,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
373455509098978435695418437586397858699,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
247
expiration
expiry-date="Sun, 06 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nyasatimes.com/
content-length
4502
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kiad7000030-IAD, cache-sna10727-LGB, cache-iad-kcgs7200047-IAD, cache-fra-eddf8230113-FRA
last-modified
Thu, 06 Jul 2023 23:52:45 GMT
server
nginx
x-timer
S1690810715.011753,VS0,VE0
etag
"28c426cf92630997cc9a54e04d425fe3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 18, 2
chakwera-walks-down-aisle.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
346e4da8750273e0fb681009166c52e197d2b79bc26f72cdd86dd64d3980c2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
age
3400306
edge-cache-tag
616705552187753092117069784286501964199,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
cache-tag
616705552187753092117069784286501964199,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
459
req-referer
https://www.nyasatimes.com/
content-length
8270
x-request-id
a892db4c2f985785ddb1df23005b75dd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000171-IAD, cache-iad-kcgs7200098-IAD, cache-lga21954-LGA, cache-iad-kjyo7100070-IAD, cache-fra-eddf8230113-FRA
last-modified
Mon, 12 Jun 2023 00:19:56 GMT
server
nginx
x-timer
S1690810715.011734,VS0,VE0
etag
"0d7d02eca9815bf7db1bded634d5c882"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 547, 2
nyasa_logo.png
www.nyasatimes.com/wp-content/themes/nyasa2019/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/img/nyasa_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72041f82ca5e57e8cded65e46305bd7fd2606d53d9d280db0c20a09048fba0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
258695
cf-polished
origSize=50019
content-length
28623
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Apr 2020 23:28:35 GMT
server
cloudflare
etag
"5ea0d323-c363"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3jkYxDuGbOER3bex%2FuK48VGTRBGzvFKLS3%2FLt8YyVKG7vhiT9qEn5%2B88BLGB2uaj0xJh4O%2Bk2iFbwXlB8sqo4CMUGdB3TJwpj1ctpAPI%2BL45aFUYZt0UC4gbfvDEt%2FGXjzvxFGGi0qyq4wtArYFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ef63e18d8952c65-FRA
1x1.trans.gif
www.nyasatimes.com/wp-content/plugins/lazy-load/images/ 		42 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6467026
cf-polished
status=not_needed
content-length
42
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Apr 2017 10:28:12 GMT
server
cloudflare
etag
"58ef52bc-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp4aYy7IdSQ4VSfkes2DyM2%2B7TvTH8YUwje3Z4GdSCEyFsi2iAqP5r8FNRe7c%2FxI8R0C0XyGdWbtDgHvwlCllVZR%2Bh4Z42sg2lIgQ%2F7wKAeQQ6br%2FefWqsCiisum%2B%2B6XAAvAjsB4JmHdCh79RUsDpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ef63e18d8972c65-FRA
t
t.lkqd.net/ Frame 3626 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
smush-lazyloader-1.gif
www.nyasatimes.com/wp-content/plugins/wp-smushit/app/assets/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/plugins/wp-smushit/app/assets/images/smush-lazyloader-1.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9589f013e233581d19f7afb507a84d2d6fdb63df82b475c78ff9b4a8ad703646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
245014
cf-polished
origSize=63847
content-length
29569
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jul 2023 19:21:38 GMT
server
cloudflare
etag
"64becf42-f967"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySs6kCMBRSIZsxQvS%2B1I1%2FcYnhAxjeJptlL7E4cx8jqxML1RG3j4P72b4SiRbJwfFMFNIefJvqPPkxNaXPo%2Fq7jO%2FiRjykUgzMFPrN97HRDfFGICAsN%2F2VRFutA2IVq9Rb3pUehD2%2FnCqdBYy17pWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ef63e18e8a52c65-FRA
vpaid.js
ad.lkqd.net/vpaid/ Frame BBEC 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1690810715.cds231.fr8.hn,1690810715.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
t
t.lkqd.net/ Frame 5113 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 11:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6851
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 31 Jul 2023 13:44:24 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2Y6WYB46WC&gtm=45je37q0&_p=1332141835&ul=en-us&sr=1600x1200&cid=1086207001.1690810714&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi%20-%20Malawi%20premier%20news%20source%20updated%2024%20Hours%20a%20day%20Nyasa%20Times%20-%20Malawi%20News%20-%20Malawi%20Politics&sid=1690810714&sct=1&seg=1&en=page_view&_ee=1&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y6WYB46WC&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
175279
expires
60
cse.js
cse.google.com/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
41ef3d6be931c84784595c3305ee39cc9f21a4e809991b3a630d70f81fee9b61
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-sf7kGPG8LU7Ftch4jtPzew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-sf7kGPG8LU7Ftch4jtPzew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Mon, 31 Jul 2023 13:38:35 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2438
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Mon, 31 Jul 2023 13:38:35 GMT
query_renderer.js
www.google.com/cse/ 		0
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1332141835&t=pageview&_s=3&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&ul=en-us&de=UTF-8&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi%20-%20Malawi%20premier%20news%20source%20updated%2024%20Hours%20a%20day%20Nyasa%20Times%20-%20Malawi%20News%20-%20Malawi%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABAAAAACAAI~&jid=&gjid=&cid=1086207001.1690810714&tid=UA-2751252-2&_gid=176002108.1690810714&cd1=0&z=2020335233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 23:42:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50146
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/login/ Frame 2A49
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85aa7efb68378%26d...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df85aa7efb68378%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff14e1a882f5ddcc%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7e3fa7460cd93363b01e6225aef4c1a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nyasatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jul 2023 13:38:35 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
4XQkgYpmK7poamEmfL5Vwic0M992sPFBG8wCBdNeyZPjK4mgrZpncgL4Fet31SLly1dH7nMcyvsbF9fY7g7Lhw==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:38:35 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df85aa7efb68378%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff14e1a882f5ddcc%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
n2AevnYNOGA00+OJCWVacw1zoRg0L9KoWpW/AorX5a6FSuKT9YQAxd7X3wpgskqXA1UyXn3rT59lVGT7Lda7GQ==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ffa6059cfb420b18517647e9d4e551e5bf955a931db91e4b7e1a986206a777f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11662
x-xss-protection
0
sync
x.bidswitch.net/ 		43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=vidoomy&user_id=113251315.993691651886626228.4288327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.133.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-133-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=264515_advertisement_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 10:51:51 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
11846805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
SUVseRjYAyP9rgKCFrfNCPlGEUl3yJU9dglHjPDhhCz_FkxbPlE0og==
usync.html
ad.lkqd.net/cookie-sync/ Frame C72E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Mon, 31 Jul 2023 13:38:35 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1690810715.cds231.fr8.hn,1690810715.cds226.fr8.c
ad
v.lkqd.net/ Frame BBEC 		61 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=55469766&m=&rtv=1&thost=www.nyasatimes.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
96714269a73b74394c29173372fb46a7e9f7efb98211440d178d2146e7cebc52

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5087
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=55469766&m=&rtv=1&thost=www.nyasatimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame C72E
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
date
Mon, 31 Jul 2023 13:38:35 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame C72E 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C72E 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C72E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame C72E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Date
Mon, 31 Jul 2023 13:38:35 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cse_element__en.js
www.google.com/cse/static/element/827890a761694e44/ 		307 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/827890a761694e44/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bad408ca687f7bbb93fa8a5bda6ed18d6a04ecdcb03ae364e5d074f6cd3d9c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 11:02:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104755
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 16:35:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 29 Jul 2024 11:02:04 GMT
default+en.css
www.google.com/cse/static/element/827890a761694e44/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/827890a761694e44/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 11:02:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 16:35:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 29 Jul 2024 11:02:05 GMT
espresso.css
www.google.com/cse/static/style/look/v4/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:08:13 GMT
x-content-type-options
nosniff
age
1822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5329
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 31 Jul 2023 13:58:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076634
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 13:38:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E3E0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nyasatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 10:59:13 GMT
expires
Tue, 30 Jul 2024 10:59:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B505 		783 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
420fc3df00b53281db882c22a5bc0264dca120811bc6ffe540d00e1826f80f18
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3Eaa7IN-RP2NX9Ew1MQn-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nyasatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3Eaa7IN-RP2NX9Ew1MQn-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:38:35 GMT
expires
Mon, 31 Jul 2023 13:38:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame B505 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307270101&jk=3708375072521124&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame E3E0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 07:27:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
281472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jul 2024 07:27:23 GMT
t
t.lkqd.net/ Frame B4DD 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
82ded4d26058520f4c0b127ca0cbc90400e17a1cec6b42685655e8bfe46c0aeeae67c2f758ba55a876990b7587de9a14071e21028ebfdaee98769df722207d098724de91a24815ca67e3
steadfastsystem.com/confirm/019ae2ed/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/confirm/019ae2ed/82ded4d26058520f4c0b127ca0cbc90400e17a1cec6b42685655e8bfe46c0aeeae67c2f758ba55a876990b7587de9a14071e21028ebfdaee98769df722207d098724de91a24815ca67e3
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a973b2d262a14c949d849ee769031ba1be65e8df878ec7dc1b04c5adf9433796
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 google
x-buildnumber
946550297
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
x-hostname
fen-hoothoot-europe-west1-f5xl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 31 Jul 2023 13:38:34 GMT
82ded4d26058520f4c0b127ca0cbc90400e17a1cec6b42685655e8bfe46c0aeeae67c2f758ba55a876990b7587de9a14071e21028ebfdaee98769df722207d098724de91a24815ca67e3
steadfastsystem.com/confirm/019ae2ed/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/confirm/019ae2ed/82ded4d26058520f4c0b127ca0cbc90400e17a1cec6b42685655e8bfe46c0aeeae67c2f758ba55a876990b7587de9a14071e21028ebfdaee98769df722207d098724de91a24815ca67e3
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f20e4d07bd7e68391f0fcb740ed4e7bd997d259751e1ac9b9b5f832fc3f76b36
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 google
x-buildnumber
946550297
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
x-hostname
fen-hoothoot-europe-west1-f5xl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 31 Jul 2023 13:38:34 GMT
generate_204
tpc.googlesyndication.com/ Frame E3E0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RTNOUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
adx.adform.net/adx/ 		65 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7662035625335885623543365060%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:35 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1690810715642052-543
Expires
Mon, 31 Jul 2023 13:38:35 GMT
/
adx.adform.net/adx/ 		65 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.nyasatimes.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C53358856235433650601381082816%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79453458005d67bf831a2c4fb0b3943b0f6a4d6993f7535895c16b972d2510b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1690810715621077-425
Expires
Mon, 31 Jul 2023 13:38:35 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C53358856235433650602103018410%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0ce5445c21e4d17afa8d4094fa8c419cd17c8c1c2483aa0e4fb2e0f833cff378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1690810715679017-404
Expires
Mon, 31 Jul 2023 13:38:35 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
t
t.lkqd.net/ Frame B4DD 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_3bc8d9fc.js
vpaid.springserve.com/production/ Frame F333 		521 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 15:49:57 GMT
content-encoding
gzip
via
1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 22:03:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
1979321
x-amz-server-side-encryption
AES256
etag
W/"a29292a78266a1cc6eb74cbf0c848fb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
GXTw3b_nsmSi_5y1eeTxj5QM64PefpX0kPvLvR3gct6FeH96aYV8aA==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
bulk
trc.taboola.com/nyasatimes/log/3/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nyasatimes/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nyasatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7662
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230113-FRA
pragma
no-cache
server
nginx
x-timer
S1690810716.905041,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:35 GMT
server
nginx
t
t.lkqd.net/ Frame B4DD 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
25895
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1690810716.936205,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
32
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
19050
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame F333 		978 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
da8381d99a3b32684619c2bf30f9981e90959410f91d147882134050d6be5850

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
server
Apache
etag
"23da-5f762218eccb9-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Mon, 31 Jul 2023 13:38:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307270101&jk=3708375072521124&bg=!XV6lXgrNAAZGOVy5Zjk7ADkAdvg8WkY3YJ0jZEwsjxV4Id2CIZe6XWAbbsG6GAi_P33leRLig5Qf00yc-s4J_wpMFk6HCL7RjaACAAAAXVIAAAAIaAEHmQKn-JciJ0yeb5KwF3u4xQNiiWXHIt7YhePMtrLi8tJ3U3gIAqpZTFkDBQexodnk4qFP5zuMHAW_wwL5v-egj316_-LEBDYKfddKAnhPiKlNOqiGlX2_Z0_QjFfWJQDPuGu75CJVyycfb8nx1xcO1qTBMfmQk3TGD5wEvYcXS67fai2v7CygJIYGFFz6WhKC1695TaMe2AyuVKm1sI_1yMCNVCoUdpy8lgSOaul89TKo8iPfPfzxapSXN170fecpzMe9ZAu_9SwgvmnKjJqeq5bvBs8RDpOI9H0S2NZx4nrF3v7uMeAOtDU6tYZMtEqRjJlin7ifh1tYztZ3QkePBjj4nU5pKNPd5WrCMZatyGSrYWjdi7diJk9MLU4ijjWefsKj3GnkfbG9-KK4zO_C1NRC6HVKtEZnt2aLRjOYOKXGDihTQbkpeqp-tKn-NCSvM0GUOW5mRuFtJB7p2hCftXyWKXWG8bqsGCtb51lEGnI9LpIKDCmMzFnwbgi_HGdefFEDYpphytXc-hwVx4Pvy2I9TTU9jwBGhEzIxqVsXZC2O85j9VS_igOKBjw1VdJIITWAzWyqM35EXUfolY04nwfNf4-q8jF-8RoiWeYgUzdP4965YzJ-RvvG1frp73ksl7ra1qbuG0b3N4_8sHxKKad3voknWQG6DF_M_C_kxzYkcsLcX-K7fmu8iON3qHWJeQkDfP9nzmLzMWzOJISvWRLD-NwiWu7yU4uApH5O33I3w59rbfz8epzK4L1oaLN-QYdkSn44T2XePkCZT_FlOwyhxIx0Xm2552AsluSC1b-mHBcRTXN5pyHMahg2AsE3mCGw3F-0tWZDiNpSjJNj5NDTo2a4j9ZAfNDlcb2sWp7KMUmmBB3VBosrSN7VNfS8TeEP5dWlG9RPtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 0A3F 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame BEDE 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87857
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 31 Jul 2023 13:38:36 GMT
expires
Tue, 01 Aug 2023 14:02:53 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0A3F 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=87857
accept-ranges
bytes
content-length
14445
expires
Tue, 01 Aug 2023 14:02:53 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BEDE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82999529&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
95d4afdef28ca57efebf497f21a767a58adad1c04bdc0c599abb473f12c83e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 2DDA
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7507936083092471926
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7507936083092471926
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7507936083092471926
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 8CD2
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829129191032
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829129191032
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 31 Jul 2023 13:38:36 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829129191032
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
usersync.aspx
dis.criteo.com/dis/ Frame 95CC 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:38:35 GMT
expires
Mon, 31 Jul 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
201708
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame DAFE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 31 Jul 2023 13:38:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MP3KXQ4X1R6CNFVPKQGH

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 31 Jul 2023 13:38:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AY0DQCNWM37NP0NX802V
Pug
image2.pubmatic.com/AdServer/ Frame FD8B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b
42 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 31 Jul 2023 13:38:36 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BEDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=91_xirmuSki2TUPDC2WVHA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=141634
accept-ranges
bytes
content-length
5606
expires
Wed, 02 Aug 2023 04:59:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame BEDE 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.214.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-214-124.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.86
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame BEDE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3611807715
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F75FF18A-B9AE-4A48-B64D-43C30B65951C
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F75FF18A-B9AE-4A48-B64D-43C30B65951C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:35 GMT
via
1.1 google
last-modified
Mon, 31 Jul 2023 13:38:36 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F75FF18A-B9AE-4A48-B64D-43C30B65951C
date
Mon, 31 Jul 2023 13:38:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame BEDE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F75FF18A-B9AE-4A48-B64D-43C30B65951C
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjJpdGllNnMxamFUd0NHMkNPbEd3VGxlZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=9003859226632685610&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
34.224.44.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-44-34.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:38:36 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 31 Jul 2023 13:38:36 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame BEDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc1RkYxOEEtQjlBRS00QTQ4LUI2NEQtNDNDMzBCNjU5NTFD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BEDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQCvm55u0py1Q-UdQoNqDM&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQCvm55u0py1Q-UdQoNqDM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQCvm55u0py1Q-UdQoNqDM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame BEDE 		43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 30 Jul 2023 13:38:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BEDE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9003859226632685610
42 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9003859226632685610
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9003859226632685610
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame BEDE 		70 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
e68a09de932f77f14895578dfcb48cdcea485965f58a126eeea4ecc741dc97771ed6908b37c4584f5bb76c79b993b7ece8da970435445260e99cb82cb898be3e0b32b8d6d403608ea44a0f1c4eac
steadfastsystem.com/ 		2 B
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/e68a09de932f77f14895578dfcb48cdcea485965f58a126eeea4ecc741dc97771ed6908b37c4584f5bb76c79b993b7ece8da970435445260e99cb82cb898be3e0b32b8d6d403608ea44a0f1c4eac
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 31 Jul 2023 13:38:36 GMT
via
1.1 google
x-buildnumber
946550297
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
x-hostname
fen-hoothoot-europe-west1-f5xl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 31 Jul 2023 13:38:35 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 0A3F 		27 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,&us_privacy=&cb=1690810716065&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-7-31%2013:38:36&ranreq=0.5255152814705817&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 0A3F 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1690810717&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 31 Jul 2023 13:38:36 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
3269
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1690810717.856961,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
8
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
16332
/
pips.taboola.com/ 		64 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
c96b5ed89eaa1d4a27061802697288c139b5f3c23911c09db7c9fcb01c60b273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220028-FRA
date
Mon, 31 Jul 2023 13:38:36 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=e3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda&uad=def9a88d4a332592de159183fb036d27d6a7fe94bfd472b69bd694a35201e8d6&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
no-store
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame F333 		978 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
da8381d99a3b32684619c2bf30f9981e90959410f91d147882134050d6be5850

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
server
Apache
etag
"23da-5f762218eccb9-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Mon, 31 Jul 2023 13:38:36 GMT
track
st.pubmatic.com/ Frame F333 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1690810716&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8CBE 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5CCC 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87857
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 31 Jul 2023 13:38:36 GMT
expires
Tue, 01 Aug 2023 14:02:53 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8CBE 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:36 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=87857
accept-ranges
bytes
content-length
14445
expires
Tue, 01 Aug 2023 14:02:53 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5CCC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2166026&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
19ae5c9785e9c5a13a38ebf725a3b8323d6644ee312527dd07fcb08720fa6a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 31 Jul 2023 13:38:35 GMT
content-length
2022
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame E76E 		35 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 31 Jul 2023 13:38:37 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2325
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8860384499538037934&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8860384499538037934&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ae1b338e-781e-4f49-a9e4-14ef5531d910
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:38:37 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8860384499538037934&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
81.95.5.37; 81.95.5.37; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3214
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261976733243996306&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261976733243996306&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 31 Jul 2023 13:38:37 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261976733243996306&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame B06B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wgt504sWVeJRypPFKsjF9FFfBSU&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wgt504sWVeJRypPFKsjF9FFfBSU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Jul 2023 13:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 31 Jul 2023 13:38:37 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wgt504sWVeJRypPFKsjF9FFfBSU&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 5048
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMe5XQAAA1wswwA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 31 Jul 2023 13:38:37 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230053-FRA
x-timer
S1690810717.160478,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 31 Jul 2023 13:38:37 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMe5XQAAA1wswwA4
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230053-FRA
x-timer
S1690810717.058667,VS0,VE93
sync
t.adx.opera.com/pub/ Frame F772 		0
0
mw
mwzeom.zeotap.com/ Frame 5CCC 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F75FF18A-B9AE-4A48-B64D-43C30B65951C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ef63e25a9403a98-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 5CCC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F75FF18A-B9AE-4A48-B64D-43C30B65951C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F75FF18A-B9AE-4A48-B64D-43C30B65951C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F75FF18A-B9AE-4A48-B64D-43C30B65951C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:46 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:46 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F75FF18A-B9AE-4A48-B64D-43C30B65951C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5CCC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
F75FF18A-B9AE-4A48-B64D-43C30B65951C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5CCC 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F75FF18A-B9AE-4A48-B64D-43C30B65951C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ac8b:87e9:703f:b17f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 5CCC 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F75FF18A-B9AE-4A48-B64D-43C30B65951C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5CCC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_09bfd7b2-5213-4b49-b700-54a3ccedae14&bsw_param=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9effc6d1-0d12-47b4-9e9e-9ab4022ec669&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5CCC 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5CCC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8522991238239093035&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8522991238239093035&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8522991238239093035&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8CBE 		27 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,&us_privacy=&cb=1690810716970&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-7-31%2013:38:37&ranreq=0.372871511029355&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1690810715521,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:37 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 8CBE 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1690810718&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
st.pubmatic.com/ Frame F333 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1690810716&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-dub.springserve.com/vd/ Frame F333 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=js_opportunity&time_on_page=4&num_bq_pt=2&num_dt_pt=2&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&a_cc=s.356921&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7459548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.152.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-152-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame F333 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=62&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9590179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.185.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-185-155.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame F333 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1074724
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.185.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-185-155.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame F333 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=903&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4494678
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.236.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-236-118.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame F333 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.455568&dtidx=2&cc_i=0&response_time=13&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=2&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8591099
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.236.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-236-118.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame F333 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.455568&dtidx=2&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=2&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7094310
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.236.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-236-118.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame F333 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.455568&dtidx=2&cc_i=0&response_time=662&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=2&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5924544
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.236.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-236-118.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame F333 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=5fb70abd&ps_id=356921&event=js_supply_error&time_on_page=1644&reason=NO_FILL&timeout=false&timestamp=1690810717608&ip=146.20.129.68&_disyn=1&ssid=0d9b281b-66e5-4e88-9f98-10c1f1757f10.1690810715521&uuid=5fb70abd-6ce2-417f-bd0d-acf95f804c56&url=https%3A%2F%2Fwww.nyasatimes.com%2F&did=5464fc36-1494-2bb1-fbe3-f5664d4a7d74&_rcc=bs.120206_vp.110514&d=nyasatimes.com&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&a_cc=s.356921&d_m=www.nyasatimes.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4522820
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.185.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-185-155.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:38:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
track
st.pubmatic.com/ Frame F333 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1690810716&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
truncated
/ Frame BBEC 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 9981 		446 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8600:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 20:31:23 GMT
content-encoding
br
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache-status
MISS
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jul 2023 01:58:30 GMT
server
CloudFront
etag
W/"64a61fc6-6f992"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
y6ZBNf6Hu2dzEzWduAP_fquwfODXTqVaFSWdq5WXXdHLddRMuuEwdw==
expires
Mon, 31 Jul 2023 20:31:23 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 9981 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1690810718268
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8600:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 01:38:48 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
25600
last-modified
Thu, 06 Jul 2023 01:58:31 GMT
server
CloudFront
etag
"64a61fc7-6400"
content-type
application/octet-stream
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
qQbKunb5cCEHufhzS24C5PPjDK7QZmrsYgm88QeaEQEJU_97hyTnaw==
expires
Tue, 01 Aug 2023 01:38:48 GMT
66301f28733e4318fca91f8fbe1ce6f9
pr-bh.ybp.yahoo.com/sync/stickyads/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=66301f28733e4318fca91f8fbe1ce6f9&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v19d2_7261976737536700354&gdpr=0&gdpr_consent=null
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/66301f28733e4318fca91f8fbe1ce6f9?gdpr=0&gdpr_consent=null
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/stickyads/66301f28733e4318fca91f8fbe1ce6f9?gdpr=0&gdpr_consent=null
Protocol
H2
Server
2a05:d018:d29:3605:ac8b:87e9:703f:b17f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://pr-bh.ybp.yahoo.com/sync/stickyads/66301f28733e4318fca91f8fbe1ce6f9?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1690810718442003-593
Expires
Mon, 31 Jul 2023 13:38:38 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 9981 		301 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:38 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1690810718244056-388
Expires
Mon, 31 Jul 2023 13:38:38 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9981 		67 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C62144%2C1%2C53358856235433650601381082816%2C%2C&_fw_gdpr_consent=&vav=565ebea87dca7877f5eb5ae4de2a34c3&vaviv=94196202becd4c06d7ef3c320c985f08&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.nyasatimes.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1690810718281027-381
Expires
Mon, 31 Jul 2023 13:38:38 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:38 GMT
server
nginx
t
t.lkqd.net/ Frame B4DD 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjYzMDFmMjg3MzNlNDMxOGZjYTkxZjhmYmUxY2U2Zjk=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjYzMDFmMjg3MzNlNDMxOGZjYTkxZjhmYmUxY2U2Zjk=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:38:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjYzMDFmMjg3MzNlNDMxOGZjYTkxZjhmYmUxY2U2Zjk=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1690810718234087-363
Expires
Mon, 31 Jul 2023 13:38:38 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=66301f28733e4318fca91f8fbe1ce6f9&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=66301f28733e4318fca91f8fbe1ce6f9&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WA69CTJ0M5QWF8BK732E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:38:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=66301f28733e4318fca91f8fbe1ce6f9&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1690810718293041-572
Expires
Mon, 31 Jul 2023 13:38:38 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:38 GMT
server
nginx
t
t.lkqd.net/ Frame B4DD 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame A732 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=27172793&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8393a0c72963d15f331da30b6820a4a93f226f334430e31c5cd8fa744c53214a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:38 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1412
vpaid.js
ad.lkqd.net/vpaid/ Frame EA53 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:39 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1690810719.cds231.fr8.hn,1690810719.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 0847 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Mon, 31 Jul 2023 13:38:39 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1690810719.cds231.fr8.hn,1690810719.cds226.fr8.c
ad
v.lkqd.net/ Frame 		0
0
ad
v.lkqd.net/ Frame EA53 		0
0
cs
cs.lkqd.net/ Frame 0847
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e0bcd262-9740-45f4-9cdc-a28dc78f26d2
date
Mon, 31 Jul 2023 13:38:39 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 0847 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 0847 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 0847
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8522991238239093035
pragma
no-cache
date
Mon, 31 Jul 2023 13:38:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 0847
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:38:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=wgt504sWVeJRypPFKsjF9FFfBSU
Date
Mon, 31 Jul 2023 13:38:39 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 78C8 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Mon, 31 Jul 2023 13:38:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nyasatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 31 Jul 2023 13:38:39 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
http://www.google.com/cse/query_renderer.js
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
www.google.com
URL
http://www.google.com/cse/query_renderer.js
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=27172793&m=&rtv=1&thost=www.nyasatimes.com
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c4=true&c5=&c6=62144&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=27172793&m=&rtv=1&thost=www.nyasatimes.com

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| __cfQR object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| CleverCore boolean| CleverCoreLoaded object| dataLayer object| google_tag_manager object| googletag object| _wpemojiSettings function| admiral function| $ function| jQuery function| flatpickr object| wpp_params object| WordPressPopularPosts function| gtag object| _taboola string| image_save_msg string| no_menu_msg function| disableCTRL function| disableselect function| disableselect_ie function| reEnable function| disablecmenu object| _mN object| _mNSrv function| setup undefined| _mN_ctr string| _mN_Idf string| _mN_ctrM function| _lr function| _ld object| _mNDetails undefined| _mNE object| _mNHandle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| bootstrap object| twemoji object| wp function| 4dm1r11545242527 function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader function| Sly object| TRC function| _typeof object| _tblConsole undefined| msg function| Popper object| WebFont object| mailoptin_globals function| moFormRecaptchaLoadCallback object| emailL10n function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| email_p number| email_pageid string| email_yourname string| email_youremail string| email_yourremarks string| email_friendname string| email_friendemail string| email_friendnames string| email_friendemails string| email_imageverify function| validate_email_form function| isEmpty function| is_valid_name function| is_valid_email function| is_valid_remarks function| email_popup function| email_form object| pollsL10n object| FB function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success object| pp_ajax_form function| ppFormRecaptchaLoadCallback object| ppressCheckoutForm string| nam object| placementData object| __buffer object| lazySizes object| megamenu function| AdBlockEnabled boolean| __cfRLUnblockHandlers object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| __gcse object| GoogleGcLKhOms object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| google_image_requests

70 Cookies

Domain/Path Name / Value
.nyasatimes.com/ Name: _gid
Value: GA1.2.176002108.1690810714
.nyasatimes.com/ Name: _gat
Value: 1
.nyasatimes.com/ Name: _ga_FKDMWW05QH
Value: GS1.1.1690810714.1.0.1690810714.0.0.0
.nyasatimes.com/ Name: _ga
Value: GA1.1.1086207001.1690810714
.ads.stickyadstv.com/ Name: UID
Value: 66301f28733e4318fca91f8fbe1ce6f9
www.nyasatimes.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De3c86ce1-1ed1-40b2-b03e-6c8c82521c7a-tuctbc13eda
.doubleclick.net/ Name: IDE
Value: AHWqTUl5DUuVmVM2T-RELGpY-4KU_ZiG5A0fF8MBmzLo2n_YZmVHhASPWse6GD_zrw8
.nyasatimes.com/ Name: __gads
Value: ID=28728b1391f91ce2-223be2581de300de:T=1690810714:RT=1690810714:S=ALNI_Mbb0XSydd1JaoXsM289yRb2KCkKWA
.nyasatimes.com/ Name: __gpi
Value: UID=00000d349d020fbb:T=1690810714:RT=1690810714:S=ALNI_MZGOeSJQ4SS_AsgYCABCNA7Czco1g
.csync.loopme.me/ Name: viewer_token
Value: e0bcd262-9740-45f4-9cdc-a28dc78f26d2
.nyasatimes.com/ Name: _ga_2Y6WYB46WC
Value: GS1.2.1690810714.1.1.1690810715.0.0.0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c20b79d3-8b16-55e2-51ca-93c52ac8c5f4.Wj94abwqhGhIXBoledkDrcVwKDL1CJFTsIebEFEYYKY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c20b79d3-8b16-55e2-51ca-93c52ac8c5f4.Wj94abwqhGhIXBoledkDrcVwKDL1CJFTsIebEFEYYKY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Awgt504sWVeJRypPFKsjF9FFfBSU.FWZXYv3ZnNZGHMdIEaDafTCUhtwdSqb5SO1xy9sZedM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Awgt504sWVeJRypPFKsjF9FFfBSU.FWZXYv3ZnNZGHMdIEaDafTCUhtwdSqb5SO1xy9sZedM
.turn.com/ Name: uid
Value: 8522991238239093035
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHdD5aik2sMuu9MUMiKohGwkzzWhkJfMui96JqsVistBEHwYBCDb8p6mBjABOgRVNED5QgRR18pw.MNEBxeeJMAibgBZYJzV8ZhJ5RxXze45DBOkor%2Bys3dM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHdD5aik2sMuu9MUMiKohGwkzzWhkJfMui96JqsVistBEHwYBCDb8p6mBjABOgRVNED5QgRR18pw.MNEBxeeJMAibgBZYJzV8ZhJ5RxXze45DBOkor%2Bys3dM
.nyasatimes.com/ Name: _awl
Value: 2.1690810715.5-f7ddf5ed62d8b03d4489fb683b39c1bb-6763652d6575726f70652d7765737431-0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F75FF18A-B9AE-4A48-B64D-43C30B65951C
.weborama.fr/ Name: AFFICHE_W
Value: fFBwBvLAtft834
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjQEIktDA2MjIT5D3bCSyMhcvxAnZ8cgDwCBJ0qHJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlgYWhgbmhmZGQIAO3NAm0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjQEIktDA2MjIT5D3bCSyMhcvxAnZ8cgDwCBJ0qHJQAAAA
.simpli.fi/ Name: suid
Value: CC950224AD844FE3B6B77EF7B0F4B3D6
.quantserve.com/ Name: d
Value: EKUBCwHMKfijAA
.quantserve.com/ Name: mc
Value: 64c7b95c-39fca-9bf43-e8233
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.7507936083092471926
.adform.net/ Name: uid
Value: 9003859226632685610
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b&KRTB&19420-QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b&KRTB&22979-QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b&KRTB&23403-QcVb_BXIDahawgGtFJAV8hWXDPhalAD5RMK22L_b
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433829129191032
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGQCvm55u0py1Q-UdQoNqDM&KRTB&16514-CAESEGQCvm55u0py1Q-UdQoNqDM&KRTB&23025-CAESEGQCvm55u0py1Q-UdQoNqDM&KRTB&23386-CAESEGQCvm55u0py1Q-UdQoNqDM
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7507936083092471926
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9003859226632685610&KRTB&23263-9003859226632685610&KRTB&23481-9003859226632685610
.amazon-adsystem.com/ Name: ad-id
Value: A5w0fJpA30mVi4PBlza-cAc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: b2itie6s1jaTwCG2COlGwTleg!20220908!1690810716514!ip#81.95.5.37
.audrte.com/ Name: arcki2_pubmatic
Value: F75FF18A-B9AE-4A48-B64D-43C30B65951C!20220908!1690810716516
.audrte.com/ Name: arcki2_ddp2
Value: b2itie6s1jaTwCG2COlGwTleg!20220908!1690810716640
.audrte.com/ Name: arcki2_adform
Value: 9003859226632685610!20220908!1690810716766
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1691971200%3A245_241_235_227_226_219_197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1693353600%3A203%7C1691625600%3A63%7C1691971200%3A233_22_161_220_21_71_264_251_8_54_3_13_56_46%7C1691366400%3A15_223_2%7C1692057600%3A35
.bidswitch.net/ Name: tuuid
Value: 9effc6d1-0d12-47b4-9e9e-9ab4022ec669
.bidswitch.net/ Name: c
Value: 1690810717
.bidswitch.net/ Name: tuuid_lu
Value: 1690810717
.adfarm1.adition.com/ Name: UserID1
Value: 7261976733243996306
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8522991238239093035&KRTB&23150-8522991238239093035
.zeotap.com/ Name: zc
Value: 9986111f-b0c4-47d6-77fe-3e227f1bc172
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_09bfd7b2-5213-4b49-b700-54a3ccedae14
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7261976733243996306&KRTB&23369-7261976733243996306
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9effc6d1-0d12-47b4-9e9e-9ab4022ec669
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-wgt504sWVeJRypPFKsjF9FFfBSU&KRTB&23334-wgt504sWVeJRypPFKsjF9FFfBSU&KRTB&23417-wgt504sWVeJRypPFKsjF9FFfBSU&KRTB&23426-wgt504sWVeJRypPFKsjF9FFfBSU
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZMe5XQAAA1wswwA4
.semasio.net/ Name: SEUNCY
Value: FC4212CBB157CA96
.adnxs.com/ Name: uuid2
Value: 8860384499538037934
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8860384499538037934&KRTB&23339-8860384499538037934
.pubmatic.com/ Name: PugT
Value: 1690810717
.onaudience.com/ Name: cookie
Value: 75d1766be024af6d
.onaudience.com/ Name: done_redirects147
Value: 1
.adx.opera.com/ Name: UID
Value: OPU0e3a8815f0b94e149ebcad7793dc245e
.ads.stickyadstv.com/ Name: uid-bp-159
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.fwmrm.net/ Name: _uid
Value: "v19d2_7261976737536700354"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: v19d2_7261976737536700354
.ads.stickyadstv.com/ Name: MRM_UID
Value: v19d2_7261976737536700354

6 Console Messages

Source Level URL
Text
security error URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
Mixed Content: The page at 'https://www.nyasatimes.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/query_renderer.js'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&adk=1812271804&adf=3025194257&lmt=1690810714&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690810714425&bpp=19&bdt=459&idt=307&shv=r20230726&mjsv=m202307240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2790698199253&frm=20&pv=2&ga_vid=1086207001.1690810714&ga_sid=1690810715&ga_hid=1332141835&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076409%2C31076425%2C42531705%2C42532317%2C44788441%2C44798156%2C44769662&oid=2&pvsid=3708375072521124&tmod=1669594165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=354
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
Mixed Content: The page at 'https://www.nyasatimes.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/query_renderer.js'. This request has been blocked; the content must be served over HTTPS.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F75FF18A-B9AE-4A48-B64D-43C30B65951C&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ads.pubmatic.com/AdServer/js/showad.js?(Line 1)
Message:
Mixed Content: The page at 'https://www.nyasatimes.com/' was loaded over HTTPS, but requested an insecure frame 'http://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU0e3a8815f0b94e149ebcad7793dc245e&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
3d44b71d3c52cdd2c4a6fd34416e8c00.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
ad.lkqd.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
ajax.googleapis.com
am-trc-events.taboola.com
c1.adform.net
call.cleverwebserver.com
cdn.stickyadstv.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
cs.lkqd.net
cse.google.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
region1.google-analytics.com
s.amazon-adsystem.com
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
st.pubmatic.com
static.adsafeprotected.com
steadfastsystem.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
t.adx.opera.com
t.lkqd.net
tpc.googlesyndication.com
trc.taboola.com
ui.cleverwebserver.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
v.lkqd.net
vid-io-dub.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
vid.pubmatic.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.nyasatimes.com
x.bidswitch.net
t.adx.opera.com
t.lkqd.net
v.lkqd.net
www.google.com
141.226.224.32
141.226.228.48
142.250.185.66
146.20.132.142
146.20.132.182
15.235.15.221
151.101.193.44
151.101.194.49
151.139.128.10
178.250.1.9
185.64.190.75
185.64.190.89
185.64.191.210
193.0.160.131
198.47.127.19
198.47.127.205
2001:4860:4802:34::36
213.155.156.168
23.213.161.145
23.218.208.23
23.35.236.201
2600:1901:0:6072::1
2600:9000:237d:1400:15:6f6c:b180:93a1
2600:9000:238d:2000:8:48e:53c0:93a1
2600:9000:2490:8600:19:c363:bec0:93a1
2606:4700:10::ac43:db6
2606:4700:20::ac43:4681
2606:4700::6811:190e
2606:4700::6812:18f6
2606:4700::6812:bcf
2606:4700:e2::ac40:840f
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a02:2638:d::d
2a02:fa8:8806:13::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::300
2a05:d018:d29:3605:ac8b:87e9:703f:b17f
3.19.54.139
3.69.181.161
3.75.62.37
34.111.129.221
34.111.131.239
34.193.236.118
34.224.44.34
35.156.133.126
35.156.201.21
35.204.158.49
35.214.138.23
35.71.131.137
37.157.5.133
37.157.6.254
37.252.171.52
46.228.164.11
52.211.152.117
52.214.214.124
52.23.28.172
52.46.128.147
54.251.185.155
67.220.224.144
69.173.144.139
69.20.43.192
77.243.51.121
85.114.159.118
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
086dd0789baa90ee55446b3fdfbe2dac6d34db27b6c290db991115df75636571
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5445c21e4d17afa8d4094fa8c419cd17c8c1c2483aa0e4fb2e0f833cff378
0db5385d1dbc5739d88e22c6c2107924ccc02b77096723764a82fb67ff7e37a4
0dcbd46cde73764ea9a1f2c69f74e8698554cc932ed7cdd09c96e9caee25345b
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
0fb18064e93dcb5c81e299d654eefd343783121ecaee48efe564f1645c98e5dd
173c5232fc94635df462181cf6ffeeaecc0ce9604a65d33e64ecf1e28543d8f8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19ae5c9785e9c5a13a38ebf725a3b8323d6644ee312527dd07fcb08720fa6a20
1c8a397874e44fdae2d8a9e5f7da22bb86da5052eb00841c890b9da80cea068b
1d490805186f0d4fcdffe1ad64daca7040cb96b48d413f5d6afcf8252c64f4dd
221d91942858f02c7f3f910ba1d9a1de39e5a2c33ef1313b5e7e25d15877ff28
238737450894210282469410cc7d6e03124ddbd43dcae14783d0570220f8cfa4
24011b4c797fe6c785e814b4ca1ab08109552ab9defeaae981e06163eb196bb2
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28c4b0cffe3deab325e86ffa45c5f40e2c13e4e6db70f29e1726e4e077d65ce5
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c
2c1801c35c6b674fa41dbac260e0373a1bd07b52fe25261cec4a1434f1e80eed
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
34141e57b1afc6233de17f6fc96ef59921c1c2b4b4a22abb5b2abb8471903078
346e4da8750273e0fb681009166c52e197d2b79bc26f72cdd86dd64d3980c2bf
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
37996a4c1f063a0e1546f563e8bd6b45c90f346f48a0a35a70f6a53467a0cdf5
380e7e97e28c3a505dfdfde6dd4dc626b904a062bbf0cce024dd3186aa4b8f5d
3bd7dbb07d154847566c047aec819747188764bb15945bcb61506a06ebd1055e
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eead5c31242b32b964a0fdc37d7e1d16d41e503ac00a9216bb3872dec08717a
41ef3d6be931c84784595c3305ee39cc9f21a4e809991b3a630d70f81fee9b61
420fc3df00b53281db882c22a5bc0264dca120811bc6ffe540d00e1826f80f18
42923a1800bbdce3e53d63be7cbdfaed8a613fe27ededb8c443e434d257538bd
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bc844d4b4b93d1895abe0c9f4ed0f0a56d0ca243d8849906acb0dfb014bff19
4db2c1a9a26ab0320d238a43b3a06f0a97d4e3b2d65da8529eaaf13c6104d297
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f80415ceb19e9bed88e56f5ddd98342d33a5b2c5dbc22e8bff5606d04365a4e
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5501dbf0d7b8c4b63f89aee3c34e78bb4b30dcef3b31a58246feb5e06c0bcabc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56766118b2d88ec07a91240cd9d5ddaa7ede6b39b4578d3fcfbb76e6a1794e5a
59ef094661f1728db1227856980d99c6c660b18ae608226038ab7a987697ae46
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5ed4c20498ac853bf62cc34c3eb6c9ef0ad4235375846a158ba66a23f90f7c9c
5ffa6059cfb420b18517647e9d4e551e5bf955a931db91e4b7e1a986206a777f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6c043764f2a86eb9a5956c7d47607d277e2f5e9c78599705849539ac951c7653
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
6e02dd34b1017ee295f27243e309b54b618988cb0788bcc3acf49824b0ed6175
7081b35bdd0f1ba60fcb80e1ef5bc535b4010d10bd97cf40a362e67819ab5e98
75eba8fe9c854250c1fbd281718aad7ee3d6d963210145cdd54f2ced17469682
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
79453458005d67bf831a2c4fb0b3943b0f6a4d6993f7535895c16b972d2510b1
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7dcba34437763d6fcd207c0db28ee8446ba6377affc4f00a3b0e1f8976277404
80a2d7122993ca65b09a265a92ab7275d283afa3edeca1c735f37b0b05490fad
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393a0c72963d15f331da30b6820a4a93f226f334430e31c5cd8fa744c53214a
8686a38f30ea14d4b7a8c48415d75633a10910c6ceee1d8d67dc44aaee109d7b
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
893b8c01f38f7d5ba1525463505f7c6301efdf0cd7489f1e5d35e89553cb3799
89d3327f4c0aedb14e2bae462ef75d2e6c6c74b408e5dd428bc2f3c6c516ec95
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
9589f013e233581d19f7afb507a84d2d6fdb63df82b475c78ff9b4a8ad703646
95d4afdef28ca57efebf497f21a767a58adad1c04bdc0c599abb473f12c83e6d
96655b4832003672cac500e6079e0b4d28c64b91ede43612d302ec059bfee2a5
96714269a73b74394c29173372fb46a7e9f7efb98211440d178d2146e7cebc52
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a973b2d262a14c949d849ee769031ba1be65e8df878ec7dc1b04c5adf9433796
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b17fe7091c0ec8e16acb022f3de1fe6f3ddaf4822eff6010a2c7563e34da7789
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b4caac45d7fcf22918f1d9ff3905b22a5960cf631f50ca2a8b3bf1e84af10063
bad408ca687f7bbb93fa8a5bda6ed18d6a04ecdcb03ae364e5d074f6cd3d9c9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c72041f82ca5e57e8cded65e46305bd7fd2606d53d9d280db0c20a09048fba0c
c8f2c9cc3007a04609cd1f2bd817334f7a2f2cef686bb41666ccb7d813963145
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
c96b5ed89eaa1d4a27061802697288c139b5f3c23911c09db7c9fcb01c60b273
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf1330149b58ea530b6d98561b09492c76444eb391ed0252b3cf83b6367c8d92
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c101a3a697ae472703105ac8f906a5af0cbe3f325319fb41ff13e8d602660d
d8dc6a157ad70bfed83a655e508234cf8f9b136d56fea918d05216338f314e6f
da8381d99a3b32684619c2bf30f9981e90959410f91d147882134050d6be5850
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df74cc44b003d2e43bfb7ad76eb3f5efe29d04d9d2573fc83db1f9feb25694a7
df7ae8fa6fdd13ae233301624fbac06d859f949444e9d04f9aaf648284bb205d
e1de51499abe09b8c8f6b804fa2cd9c2678cb1da29af22981f54b10fc482e196
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10
e950e25bc84e3bdcc5020fc4aa31445faeeaca79fe514759bfb673e060498b9a
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e618481ea4d1ed6ac8ce59747a2ea42bbe13fbcb462c2d301891ff21e9d53f
f20e4d07bd7e68391f0fcb740ed4e7bd997d259751e1ac9b9b5f832fc3f76b36
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f67458c8ccf0751a52dc1519d75ba355c8c8ffb2028b6aee4a9145629e975333
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7ee6c44dba2d020c99ee1c1c28aa32fe0597e689f200641eacd565c93b6592d
f946a58a09b12100b963479c4c8a43a8ec086cc6d8f7f1f58d4e30235feef0e9
fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128
fdc6c2e3fda2bdac577c0067ff2b324447b2fa38f8fa20f1624edbd87b6c38b1
fedfc9cb55ef860d81685746a7bac6474be8bd713f094ebf5d2b2fcead43f052