urlscan.io logo urlscan.io
SecurityTrails logo

www.gazetaexpress.com Open in urlscan Pro
172.64.201.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Effective URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Submission: On February 24 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 10 countries across 74 domains to perform 506 HTTP transactions. The main IP is 172.64.201.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gazetaexpress.com. The Cisco Umbrella rank of the primary domain is 388063.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
63 172.64.201.10 13335 (CLOUDFLAR...)
3 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 52.239.139.164 8075 (MICROSOFT...)
9 142.250.181.226 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
15 208.88.224.28 40824 (WZCOM-)
14 104.19.134.78 13335 (CLOUDFLAR...)
20 2606:2800:234... 15133 (EDGECAST)
6 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.38 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
50 151.101.1.44 54113 (FASTLY)
2 104.107.161.75 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.46 16509 (AMAZON-02)
1 34.211.16.202 16509 (AMAZON-02)
2 11 37.157.4.24 198622 (ADFORM)
1 18.196.230.57 16509 (AMAZON-02)
9 2602:803:c003... 26667 (RUBICONPR...)
1 185.184.8.65 204995 (RTB-HOUSE...)
8 37.252.172.123 29990 (ASN-APPNEX)
8 178.250.2.131 44788 (ASN-CRITE...)
1 72.251.249.9 29791 (VOXEL-DOT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.244.42.72 13414 (TWITTER)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a03:5f80:a::... 50952 (DATAIX-AS...)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
2 2a02:2638:1::11 44788 (ASN-CRITE...)
6 23.0.42.150 16625 (AKAMAI-AS)
2 2602:803:c003... 26667 (RUBICONPR...)
1 104.26.1.156 13335 (CLOUDFLAR...)
24 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
3 178.250.2.151 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
1 213.202.235.8 24961 (MYLOC-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
7 10 142.250.186.98 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 185.29.132.245 30419 (MEDIAMATH...)
3 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 5 35.71.131.137 16509 (AMAZON-02)
7 178.250.0.139 44788 (ASN-CRITE...)
14 2a03:5f80:a::... 50952 (DATAIX-AS...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.115 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
7 104.19.135.78 13335 (CLOUDFLAR...)
2 2606:2800:134... 15133 (EDGECAST)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
7 23.0.33.234 16625 (AKAMAI-AS)
7 185.64.189.112 62713 (AS-PUBMATIC)
7 185.86.139.95 201081 (SMARTADSE...)
14 34.98.64.218 15169 (GOOGLE)
7 3.124.87.92 16509 (AMAZON-02)
10 2606:2800:233... 15133 (EDGECAST)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 34.248.172.222 16509 (AMAZON-02)
7 141.226.228.48 200478 (TABOOLA-AS)
1 152.228.222.122 16276 (OVH)
7 14 2a02:2638::1c 44788 (ASN-CRITE...)
7 178.250.2.146 44788 (ASN-CRITE...)
1 104.17.120.107 13335 (CLOUDFLAR...)
5 2a04:4e42::300 54113 (FASTLY)
5 141.226.224.32 200478 (TABOOLA-AS)
1 151.101.194.133 54113 (FASTLY)
10 14 185.64.190.79 62713 (AS-PUBMATIC)
7 7 104.36.113.107 62713 (AS-PUBMATIC)
3 159.122.14.34 36351 (SOFTLAYER)
8 10 76.223.111.18 16509 (AMAZON-02)
1 1 34.102.163.6 15169 (GOOGLE)
506 84
63    172.64.201.10 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gazetaexpress.com
ads.gazetaexpress.com
3    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)
agorahtag.tech
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.239.139.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2606:4700:3036::6815:4f16 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
15    208.88.224.28 (United States)

ASN40824 (WZCOM-, US)
serv431.com
14    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
20    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.248.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-38.dus51.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
50    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
2    104.107.161.75 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-161-75.deploy.static.akamaitechnologies.com
t.teads.tv
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.32.99.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-46.fra60.r.cloudfront.net
certify.alexametrics.com
1    34.211.16.202 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-16-202.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
11    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
1    18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
9    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
8    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com
3    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a03:5f80:a::b212:e78a (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
ads.projectagoraservices.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
2    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    23.0.42.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-42-150.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2602:803:c003:200::67 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    104.26.1.156 (United States)

ASN13335 (CLOUDFLARENET, US)
bisko.gjirafa.com
24    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
3    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.nl.eu.criteo.com
dis.criteo.com
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
10    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2a05:d018:d29:3601:767c:59f3:46b6:92b0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
14    2a03:5f80:a::b212:e7a8 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
cdn.projectagora-adtag-library.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    18.66.97.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-115.fra56.r.cloudfront.net
ad.as.amanad.adtdp.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
7    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
14    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
14    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
projectagora-d.openx.net
u.openx.net
7    3.124.87.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
tlx.3lift.com
10    2606:2800:233:1ab3:789:1032:20e3:21 (United States)

ASN15133 (EDGECAST, US)
video.twimg.com
2    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
projectagoralibs.com
7    34.248.172.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
1    152.228.222.122 (France)

ASN16276 (OVH, FR)
PTR: ns3189334.ip-152-228-222.eu
s333.adxpremium.services
14    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
5    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
5    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
tsdtocl.com
14    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
10    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
Apex Domain
Subdomains		 Transfer
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 983
trc.taboola.com — Cisco Umbrella Rank: 571
trc-events.taboola.com — Cisco Umbrella Rank: 1715
images.taboola.com — Cisco Umbrella Rank: 1580
am-trc-events.taboola.com — Cisco Umbrella Rank: 15190
pips.taboola.com — Cisco Umbrella Rank: 1788
cds.taboola.com — Cisco Umbrella Rank: 1006
1005 KB
63 gazetaexpress.com
www.gazetaexpress.com — Cisco Umbrella Rank: 388063
ads.gazetaexpress.com — Cisco Umbrella Rank: 980360
2 MB
36 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904
widget.nl.eu.criteo.com — Cisco Umbrella Rank: 15315
gum.criteo.com — Cisco Umbrella Rank: 355 Failed
dis.criteo.com — Cisco Umbrella Rank: 619
mug.criteo.com — Cisco Umbrella Rank: 3197
121 KB
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
464 KB
28 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 552 Failed
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420
image8.pubmatic.com — Cisco Umbrella Rank: 543
image2.pubmatic.com — Cisco Umbrella Rank: 752
6 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
eus.rubiconproject.com — Cisco Umbrella Rank: 512
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 11193
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
45 KB
23 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 591
syndication.twitter.com — Cisco Umbrella Rank: 840
642 KB
21 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8575
c.mgid.com — Cisco Umbrella Rank: 6289
cdn.mgid.com — Cisco Umbrella Rank: 10842
servicer.mgid.com — Cisco Umbrella Rank: 8740
s-img.mgid.com — Cisco Umbrella Rank: 7632
cm.mgid.com — Cisco Umbrella Rank: 2442
280 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
165 KB
17 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356 Failed
tlx.3lift.com — Cisco Umbrella Rank: 532
8 KB
15 serv431.com
serv431.com — Cisco Umbrella Rank: 816532
26 KB
14 openx.net
projectagora-d.openx.net — Cisco Umbrella Rank: 30725
u.openx.net — Cisco Umbrella Rank: 636
2 KB
14 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1902
160 KB
14 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 29070
836 KB
13 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1397
pbs.twimg.com — Cisco Umbrella Rank: 688
video.twimg.com — Cisco Umbrella Rank: 1519
478 KB
11 adform.net
adx.adform.net — Cisco Umbrella Rank: 4785
c1.adform.net — Cisco Umbrella Rank: 529
5 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
196 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com Failed
16 KB
7 adomik.com
projectagora-483829-hdb.adomik.com — Cisco Umbrella Rank: 24426
721 B
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1311
3 KB
7 casalemedia.com
r.casalemedia.com Failed
htlb.casalemedia.com — Cisco Umbrella Rank: 427
2 KB
7 projectagoraservices.com
ads.projectagoraservices.com — Cisco Umbrella Rank: 17686
18 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
40 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1139
t.teads.tv — Cisco Umbrella Rank: 2343
133 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
2 KB
3 gstatic.com
fonts.gstatic.com
112 KB
3 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 835
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
sp.analytics.yahoo.com Failed
ups.analytics.yahoo.com Failed
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
2 KB
2 projectagoralibs.com
projectagoralibs.com — Cisco Umbrella Rank: 143134
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
847 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
76 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
18 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
426 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6342
adservice.google.de — Cisco Umbrella Rank: 9027
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
250 B
1 tsdtocl.com
tsdtocl.com — Cisco Umbrella Rank: 8621
1 KB
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2502
1 KB
1 adxpremium.services
s333.adxpremium.services — Cisco Umbrella Rank: 107142 Failed
1 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 1739
882 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
46 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 548
idsync.rlcdn.com Failed
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
656 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
5 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11797
1 KB
1 gjirafa.com
bisko.gjirafa.com — Cisco Umbrella Rank: 320264
929 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4034
328 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
420 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
653 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927
183 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1568
163 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 3749
552 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 44130
82 KB
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 95075
87 KB
1 windows.net
gjstatic.blob.core.windows.net — Cisco Umbrella Rank: 180158
8 KB
1 agorahtag.tech
agorahtag.tech — Cisco Umbrella Rank: 96976
2 KB
0 revcontent.com Failed
trends.revcontent.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 dable.io Failed
adx.dable.io Failed
0 ad-stir.com Failed
sync.ad-stir.com Failed
0 media.net Failed
contextual.media.net Failed
0 yandex.ru Failed
an.yandex.ru Failed
0 adingo.jp Failed
cs.adingo.jp Failed
0 socdm.com Failed
tg.socdm.com Failed
adgen.socdm.com Failed
0 tpmn.co.kr Failed
ad.tpmn.co.kr Failed
0 addthis.com Failed
cw.addthis.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 mediawallahscript.com Failed
partner.mediawallahscript.com Failed
506 74
Domain Requested by
60 www.gazetaexpress.com www.gazetaexpress.com
serv431.com
31 cdn.taboola.com www.gazetaexpress.com
cdn.taboola.com
24 static.criteo.net ads.eu.criteo.com
adxbid.info
static.criteo.net
cdn.projectagora-adtag-library.com
20 platform.twitter.com www.gazetaexpress.com
platform.twitter.com
15 serv431.com www.gazetaexpress.com
serv431.com
14 image8.pubmatic.com 10 redirects cdn.projectagora-adtag-library.com
14 script.4dex.io cdn.projectagora-adtag-library.com
script.4dex.io
14 gum.criteo.com ads.eu.criteo.com
static.criteo.net
14 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
13 trc.taboola.com cdn.taboola.com
10 video.twimg.com platform.twitter.com
10 eb2.3lift.com ads.eu.criteo.com
10 cm.g.doubleclick.net 7 redirects www.gazetaexpress.com
9 fastlane.rubiconproject.com adxbid.info
cdn.projectagora-adtag-library.com
9 adx.adform.net adxbid.info
cdn.projectagora-adtag-library.com
8 bidder.criteo.com adxbid.info
cdn.projectagora-adtag-library.com
8 ib.adnxs.com adxbid.info
cdn.projectagora-adtag-library.com
8 securepubads.g.doubleclick.net www.gazetaexpress.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 u.openx.net cdn.projectagora-adtag-library.com
7 mug.criteo.com
7 projectagora-483829-hdb.adomik.com
7 tlx.3lift.com cdn.projectagora-adtag-library.com
7 projectagora-d.openx.net cdn.projectagora-adtag-library.com
7 prg.smartadserver.com cdn.projectagora-adtag-library.com
7 hbopenbid.pubmatic.com cdn.projectagora-adtag-library.com
7 htlb.casalemedia.com cdn.projectagora-adtag-library.com
7 s-img.mgid.com
7 pix.eu.criteo.net ads.eu.criteo.com
7 ads.projectagoraservices.com ads.gazetaexpress.com
serv431.com
7 pagead2.googlesyndication.com www.gazetaexpress.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
6 am-trc-events.taboola.com cdn.taboola.com
6 images.taboola.com
6 eus.rubiconproject.com www.gazetaexpress.com
eus.rubiconproject.com
adxbid.info
6 www.google-analytics.com www.gazetaexpress.com
www.google-analytics.com
5 image2.pubmatic.com 5 redirects
5 cds.taboola.com cdn.taboola.com
5 pips.taboola.com cdn.taboola.com
5 cdn.mgid.com
5 match.adsrvr.org 2 redirects www.gazetaexpress.com
4 token.rubiconproject.com 4 redirects
4 jsc.mgid.com www.gazetaexpress.com
jsc.mgid.com
3 um.simpli.fi
3 fonts.gstatic.com fonts.googleapis.com
3 pixel.rubiconproject.com www.gazetaexpress.com
ads.eu.criteo.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 syndication.twitter.com platform.twitter.com
3 ads.gazetaexpress.com www.gazetaexpress.com
ads.gazetaexpress.com
3 a.teads.tv www.gazetaexpress.com
a.teads.tv
2 c1.adform.net 2 redirects
2 projectagoralibs.com cdn.projectagora-adtag-library.com
2 cm.mgid.com jsc.mgid.com
2 pbs.twimg.com
2 servicer.mgid.com jsc.mgid.com
2 simage2.pubmatic.com ads.eu.criteo.com
2 fonts.googleapis.com www.gazetaexpress.com
cdnjs.cloudflare.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 px.ads.linkedin.com www.gazetaexpress.com
2 widget.nl.eu.criteo.com ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 beacon-ams3.rubiconproject.com www.gazetaexpress.com
2 ads.eu.criteo.com www.gazetaexpress.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
2 www.facebook.com www.gazetaexpress.com
2 www.google.com www.gazetaexpress.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 t.teads.tv www.gazetaexpress.com
2 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
1 ad.mrtnsvr.com 1 redirects
1 tsdtocl.com cdn.taboola.com
1 biddr.brealtime.com adxbid.info
1 s333.adxpremium.services adxbid.info
1 trc-events.taboola.com cdn.taboola.com
1 cdn.syndication.twimg.com platform.twitter.com
1 c.mgid.com jsc.mgid.com
1 ad.as.amanad.adtdp.com ads.eu.criteo.com
1 dis.criteo.com ads.eu.criteo.com
1 s0.2mdn.net www.gazetaexpress.com
1 id.rlcdn.com www.gazetaexpress.com
1 sync.mathtag.com 1 redirects
1 ads.yahoo.com www.gazetaexpress.com
ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 m.exactag.com ads.eu.criteo.com
1 bisko.gjirafa.com
1 bit.ly 1 redirects
1 b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de www.gazetaexpress.com
1 ap.lijit.com adxbid.info
1 prebid-eu.creativecdn.com adxbid.info
1 hb.emxdgt.com adxbid.info
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.gazetaexpress.com
1 certify.alexametrics.com www.gazetaexpress.com
1 stats.g.doubleclick.net www.google-analytics.com
1 aghtag.tech agorahtag.tech
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 adxbid.info www.gazetaexpress.com
1 gjstatic.blob.core.windows.net www.gazetaexpress.com
1 agorahtag.tech www.gazetaexpress.com
0 trends.revcontent.com Failed ads.eu.criteo.com
0 x.bidswitch.net Failed ads.eu.criteo.com
0 s.ad.smaato.net Failed ads.eu.criteo.com
0 adx.dable.io Failed ads.eu.criteo.com
0 r.casalemedia.com Failed ads.eu.criteo.com
0 sync.ad-stir.com Failed ads.eu.criteo.com
0 contextual.media.net Failed ads.eu.criteo.com
0 an.yandex.ru Failed ads.eu.criteo.com
0 cs.adingo.jp Failed ads.eu.criteo.com
0 adgen.socdm.com Failed ads.eu.criteo.com
0 tg.socdm.com Failed ads.eu.criteo.com
0 ad.tpmn.co.kr Failed ads.eu.criteo.com
0 secure.adnxs.com Failed ads.eu.criteo.com
0 cw.addthis.com Failed ads.eu.criteo.com
0 sync.outbrain.com Failed ads.eu.criteo.com
0 ups.analytics.yahoo.com Failed ads.eu.criteo.com
0 sp.analytics.yahoo.com Failed ads.eu.criteo.com
0 pixel.tapad.com Failed ads.eu.criteo.com
0 idsync.rlcdn.com Failed ads.eu.criteo.com
0 partner.mediawallahscript.com Failed ads.eu.criteo.com
506 122
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-12-13 -
2022-12-13		 a year crt.sh
serv431.com
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
paadserver.projectagora.info
R3		 2022-02-10 -
2022-05-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3		 2021-05-02 -
2022-05-01		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2020-01-22 -
2022-04-21		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.projectagora-adtag-library.com
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.as.amanad.adtdp.com
Amazon		 2021-04-06 -
2022-05-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adomik.com
Amazon		 2022-02-09 -
2023-03-09		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
tsdtocl.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-05 -
2022-12-31		 a year crt.sh

This page contains 44 frames:

Primary Page: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Frame ID: 218335AC3488D292644F4E2B2FB98076
Requests: 155 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220221/r20190131/zrt_lookup.html
Frame ID: 5A11038DD408EE173D604E076B7D84D2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.gazetaexpress.com
Frame ID: 7EC843CB1BAFF61B6D0BF913C5B05E73
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1645702302&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645702302042&bpp=3&bdt=515&idt=243&shv=r20220221&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1524244190953&frm=20&pv=2&ga_vid=771925142.1645702302&ga_sid=1645702302&ga_hid=1280571150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065255%2C31063246%2C44756895%2C44756896&oid=2&pvsid=3415778849521025&pem=902&tmod=2035453144&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261
Frame ID: 82C196EE6D9FF9150134FCCACD30C453
Requests: 1 HTTP requests in this frame

Frame: https://b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BDAC2E96A3CFC34A81213C259D5A981B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMIsQYNx2EIoQWcUYaSN8CBFYR9TyhjeqI5R3zfO7VlMYH1oZK4_s11lGiORkCIEBic0dLVh1uKukkrfl6Rv5eC5d6CJYrjhryZL3Y6ir5n06g-o0l_Px0SoZdRspksliRi1CdpC32h4zaB4HIMVnSy3E26_6UqZ7Zbo0PUktmGOEBxwWSYWTooBCnGlcDmOWbf2Lt5a34OhWGFjz5TkFv0y9w51lschhJ0BFMsNBAKo2-rEQ0qk-P50APz7VWO0p5U7F_RR56bWb06BBcNRR4AcQqPnEJTlVGClKQAMXiy5GgLHDIagfQAd7Mdcgon5hFgA&sig=Cg0ArKJSzJgcCibKx-gzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FF34FFA29FE9A2410D1EDAC626F7C974
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYlm-5xYatELenH8_WEawVZNRGIjbEma3iMZOPEurbna4EL1ABpNWymt7bEW2cNsKC1PrsOOrIHRv-xlA_um_AZSuulazsfKAgL7DaZ5i5OETp15b30NCmmJylTUgtX3Pfs6hK7f4mfry2FzC3t7OeyocNcsUcVWVYB02lGRfokD-2frGyWIhoeMo2roW_f9Z6lkzlFIUoXxC8Y4Z8A9R5LBuX-jLjzWZ-ft0TBj6UAcdc7rsdlhvtdeMREmeAQgyeDzExdyQRZ06ZLpRbRLH2cn-1F2loMOtkX9IKp5kldFcsQyWCRMeGgXyJF3WyZYlUkDLQL0M&sig=Cg0ArKJSzBRbalwcXrjXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 37FC90F13D6D61429794B7F22DF92203
Requests: 6 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: 019610C1BC3417952D4482A2406F2AC8
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: F665A195F50A22628B533B89F0DF3031
Requests: 20 HTTP requests in this frame

Frame: https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
Frame ID: DAB9274143DE9F036514486EF8E5148B
Requests: 10 HTTP requests in this frame

Frame: https://serv431.com/zzPYwtSKoNCAsBqFa4Rf4jHCLP7H4MnjJn01O6Ar9dydf2M6YpXaIhWUeK-ZKP6ttb1zChnx5QCIlJ5NSgZgILHhydlKjKhTkMvNqeL2Lcm64USsLp0XIxDeApcxapkf-NOJaCS_Fq-knguESLh7vBVONvQpYcpVn3GPk6z5K-ucqEHrUMET4fquGWVvBGEApN6FrwzOTpVpm2LsslfAEbtp8TIXhT9M74zR6EA-SMcDbrN9l2NSSZxedUriWbnVx_sJK9Ow8yvCwMpwoJF8B0tm-0Kg0pZs9JVNc8k0-qG3cQknJ49KUYNT9yDoxSH3mHZ6oLpkSkvHrBhmp9OPRftGrDY33flWNZIO_4oP_hUemvPzpPc5qbjZsXeX6z52kmXEGqwlEP7sGs5Fxcr-5KbUtnuuSp7Yra4JoBg?DC=WZ
Frame ID: 08114238E982B4DF1A61DD75CB35287A
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Frame ID: C98ADF1ECC39F46504F5C132A7CA3422
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 795ACAB853D12F0E369C81374182BF07
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Frame ID: D9A1CA48E61414FAC246870CBE7B39F0
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: B3185E1780B2EF2214F0D56EF9421BAD
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AD3FD9B6EE45CACD8E0692763B1E5014
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 568E5188BC2B89FF7B633E38524FC277
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A13BCCE592135453C6ED70D7B81B8B9
Requests: 2 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6751
Frame ID: 6BB088817691594A014BC6B80A276E90
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Frame ID: 5395931E265E25AEE379FDD6C45DFC8E
Requests: 32 HTTP requests in this frame

Frame: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=62176c9de84b74ce35be32c782650024
Frame ID: 912D2806F0B3BC3E4ACCF2FED198748F
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=62176c9e6c2162c0b3a769ad903af06d
Frame ID: 0F2A05BE53BDA724D46CE87727C48749
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: AB447252E78C10CE761FB09118BB1FD0
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: AA8E6EEA6C4D9AA6FC8D51C3340277E3
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: 231E1628AA89CF6D35E9AB1DDC35D4D2
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Frame ID: 597C87ED5D660AA6A661938B1CBA556C
Requests: 30 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1645702303732336121691
Frame ID: 0212FE559076288E19E1161113BAAAD0
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 3E091CE6ED756D35249C944EF73BEC06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Frame ID: 2B26D5B9F35265CEA8D222C4A066D715
Requests: 10 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 1E498761C65E254350389A72A4CFC5FF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: A2F049B188D1BBDE8D85093A579A550C
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: CE3B7183C9B96448FE402A678F463CE9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: 0D1987F4B1F471DED07292BCAC4FA9D1
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 85737DE5902C21AD305BEA4A44E1DBE5
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 2E906E0F5F6346F4067415C1F8BAAF69
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C15B40D2A8CD545DEA91A2513CC8538E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AFBCDBF94B3561E6A158605ACC3C1C75
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 4200A051C6435B046C104049F95FE485
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: DCB85E0892624B2D47969A162A1E8698
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 5D858D4DF3D7DBABDB24C8E0A7F63987
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 6F70DC3B183BCFCDAFDCB06FA2343D3A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: D18978E09B128DB329A24AAE8A03CA66
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 08C8B808787086FA091A2610EB97F7D8
Requests: 2 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: 08BF0E53EBD62278E7047A9D63B86D7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Klitschko paraqitet nga Ukraina: Ne jemi në luftë dhe luftojmë për vendin tonë - Gazeta Express

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

506
Requests

89 %
HTTPS

43 %
IPv6

74
Domains

122
Subdomains

84
IPs

10
Countries

6982 kB
Transfer

17885 kB
Size

82
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://bit.ly/3HalLG1 HTTP 301
  • https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
Request Chain 182
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1ZTQzNTM3NzFhZWI0M2I5ZWQ0ODZkMGViOTQ0YTg5NjUyYjUwYQ
Request Chain 183
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L00WNRAU-3-IEFM&sigv=1&esig=2~031741e51463370bed298bb9db2b584c6a216a53
Request Chain 184
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L00WNRAU-3-IEFM
Request Chain 185
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=022a6217-6c9e-4700-8eb1-e8bab3e6aaa8
Request Chain 187
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dtKf_XoIlm1x_QZqUCYjhQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7864689773492098874
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHN5VbCs9-Ha3aq8Jtpa13k&google_cver=1
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1YSE1uVGtiN243S0d4MFk4SFE2bDFObm5xWjBPUld0Q1V3RjFuQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 430
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=4Rlby3xqaTl2azl1eUFyUUw4WUttaHY2bHI0UE41bGR3dmtxa29reHlnWE1JTkNtZUN1M2NiVVUvcTZNNnFqL2h3MmZuMUNVSmp6T3FWL3hHVXFFQ1p6N2RvQTdPWkt4NC80N2pWa1k4R2ppVlJTbVNQbmludXNqRkQvUFRCcWt0Mk43UzBBK3VIbGtuOERZcmttTUthYTg1WXlleTNvYk8vYTBuUkhkMWwrbWNUQUdtdVhSQndqSWlPMFFQQzExQkRwblhiemJpNlhtaEd4ZG80SE9RMVRlV0hyc2VQT0toZngrSmV6M1Rka1BQRDNoeCt3aTlJR0JnWVFBQVNOREdIc1A2Q0VVOHp4Q1pQOXJkUVZRNHFHOFkwUT09fA&cppv=2
Request Chain 446
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=FxwoH19IRFo1VE1BQnklMkJIcE1RajJkUVA4NlZqWHJPV0ZZWUdkRSUyRlR6UWk2enF4NWZDeHczaWxhNXVmSVpzRkRueDQzYmtCZlFQb2R5RVhBWE9rWHNoZ2xjRGxqZVBjdVBuSVpaemJDd3R2bndPV1lTQSUyRjUwMGlRMnFPNzNQTXNNT2R2OHFhT0hMR1I5dTZIYUxvJTJCQ1olMkZTQTVBJTNEJTNE&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6vhyGXxZdndyVmxkN3diTzFtZThacUFQL0k5eVErMkdkRE5qSE1ib09BNTQ1VVBqWU84RDJLVjJwdjBXeWN3NzJ5WllzZUovbnFZL3NVZzdLdlhPMm9KSEVkbzR4c3BGWXNEZXpOQWo0Y211M1JLNEE2REgvbnJJR25hNHE2NFF3QW9QMTFrUlhGekY1OTY0NHovbWNobHA3Q1pzendzWkQ0MWZZaEx6TEJYUkN6dWxwRytoY3pObVNpR2RTVDRYMW5oYU1kZGJidVBUWVB4alFwbzdDZEdweU80Z1VuUFpKd2UzYldEcFR6SXhPRmo4clB4S1c0dk9UUnRqTTRLTDlMREFTM2pMMDRidGZiaVlOMTBSNkNVK0lMNzdFTFR1YnFycDVkZkp6VU9jeFJRRT18&cppv=2
Request Chain 447
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=FxwoH19IRFo1VE1BQnklMkJIcE1RajJkUVA4NlZqWHJPV0ZZWUdkRSUyRlR6UWk2enF4NWZDeHczaWxhNXVmSVpzRkRueDQzYmtCZlFQb2R5RVhBWE9rWHNoZ2xjRGxqZVBjdVBuSVpaemJDd3R2bndPV1lTQSUyRjUwMGlRMnFPNzNQTXNNT2R2OHFhT0hMR1I5dTZIYUxvJTJCQ1olMkZTQTVBJTNEJTNE&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=DIL_xnxUVy92dnNKaFRoelZmd2lqc3pCZU9BbFpvT1FjNlZqODFSQjFKaUJyREgrWFpLYXZYUk9OZmdzMGNoTU9DZGxTSTBKd0pKNXg4d0JkVHgrT2s0UnVVcVcxeWl1SlVjNzlyY0lORTR6andWYnFxWnlyc3BNVmd0Z1BMYmw5MXlVeVJXVG9lZjNBbEFoU082ZEZXT21FZHB2Wm5ZZFBCaTB2WC9KS1RUTTJ1N0FyeW44b1IzcGpjcjhXMWw1WGg2NXJub1R6Mk9iOEZwYVpIeERMdmxGckc1WjJYeGZFWW5HUlV3SXhOemt1UUlkZllTMjJBdlpTbkRLNlloajZMTkdiVHEzMFVWL3NuR2x6eHByenpob1hNWHpnYnBDSEc3TThzMERvQm5QbmVKcz18&cppv=2
Request Chain 453
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3cTdZM0NXdWMwbVlmSkNhWDlBd0c3TGhmUDBZb0JNY3pHbmN5VDFRR3l1Ukdkd084bThIeEpXRCUyRkpNdHVWZUxqNEExSFhtdEtoUUQlMkJuRW9yUmlJdVNXdTVNN2tFMXh1RUI3ZmswS2c1M29qUkwlMkJlQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=AGHJiHxuanBNeU9WTnZHazZyeENqRU9HSmxNb1c1Q2dLcWRMV1RlSEFBY25FSVA2eExSUWVNdEhnbWt0UTRnTTAzb3hlU1FkbzJJSmdMRVZTc1h0S1l4eS9WMk10cUtlYWpFYnZ0NVh0Zkk0RS84RGlwUnR3YVJoZmNxQW5tbGVBd01WdnlKdm8xWGR6SlR1QWdjclVLZklWM3QzeElpbUpCcGQxKzJRMTRXNk1sRnVuOXJCeXU0YTlLNmVpdmlqT05JdndPQzI5NDZVRnNPcWZwRk9FRFVPcTc1d3BZYTBoV1ROeEd3azRKUTFIS2xjNjl0dUFMcU9iRzFVNjJEVTZ6RU9VaDJpTXd4NGU0SWhuc1M1MGdrTUJDR2hjdG45aDQvUlhEWmxHTFRYd0dMOD18&cppv=2
Request Chain 458
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3cTdZM0NXdWMwbVlmSkNhWDlBd0c3TGhmUDBZb0JNY3pHbmN5VDFRR3l1Ukdkd084bThIeEpXRCUyRkpNdHVWZUxqNEExSFhtdEtoUUQlMkJuRW9yUmlJdVNXdTVNN2tFMXh1RUI3ZmswS2c1M29qUkwlMkJlQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hFxQznw2THZFdHI5eU9jdDJlS052WkRUbmUrV21KWGIzcythdFo5K2cxeFRzdXVUTVE5dlA5bm4yV0JrUStOVUx1bHlLeWR6dTduNEg2L2hQQXd1UGpqSS9UbE02S1krNmZXSkxOc0MrNzI5Ulc0MGxDLzZrRDJlck9qSjZrL0YxdHB6dUlSaVB6K3QxdlhuYm4rWVRRa0hRWGY1cVNNeVBLNVZIYUdRRjBBdlgyRWZjQVpMMHJkZnNMZjdabVQ2OVY0Umw1a2VpL3A0L2l4THE0a3h2d0lveFZLQ1lZV1ErZzZVRWJBVnFXaW41OTQrY1psNWhPaDZJbFh6bUlWSWF5NzNzTTdlVGlWcjBFTzhRM2FYdEd2NXI4SWtrMzZocVMxYWRzc3J6bU9pWkdVOD18&cppv=2
Request Chain 459
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3cTdZM0NXdWMwbVlmSkNhWDlBd0c3TGhmUDBZb0JNY3pHbmN5VDFRR3l1Ukdkd084bThIeEpXRCUyRkpNdHVWZUxqNEExSFhtdEtoUUQlMkJuRW9yUmlJdVNXdTVNN2tFMXh1RUI3ZmswS2c1M29qUkwlMkJlQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=RMWtWXxVb2dwdFQyV2RxcjVRVDI1Z1d5cmtZNzlYZlM5UlVOUEdPME9RUlBoZW9zQUdsVExHV1ZvZFBITFBDRkNwMFhSNWZ1N2U4S3QyaG80N3UvM1hxOVF3dU9WN2E5a01QbDF1QTgvM00wK3hCbmRXSExBRXVPMFM5ZGZKcVZjUS9LeFdUdG1Jc1FvZjkvZUNjUGxBVUdFSjVEekUwZDZUN0daMWxpV0E0V3pzTGVDeVNpcEhPSmhwL3UzR2t4WkJXckZwQWNRdXUwRWc4LzhtTUpLNTBBOEhLWnB1aUIrbUR4M1ZZOCtWTGRjdS85dnpzSXBFcnlqTGphTFR6UjVBRlRwMHJMUjVrOG04cnd5UUJwS3lUbzZkWEJZalF3K0tHL0FkNS8xcG9PV3o2ST18&cppv=2
Request Chain 460
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3cTdZM0NXdWMwbVlmSkNhWDlBd0c3TGhmUDBZb0JNY3pHbmN5VDFRR3l1Ukdkd084bThIeEpXRCUyRkpNdHVWZUxqNEExSFhtdEtoUUQlMkJuRW9yUmlJdVNXdTVNN2tFMXh1RUI3ZmswS2c1M29qUkwlMkJlQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=cJlgjnxiNVovQlBBYW9ZRTFXRlZuK21mTUlmR0RHYkVjZTJ3QzBlUWs2bUloK3BjMWJqYmREb01uayswZklSMkp4d2dmSjBwVlVtbTU2TmwrZ3g5YWZ6cDdxZHFSYXR0QW5XdWpRN1hqTTJnZy9nR01SZURQanFUb0RhRE1NTlhmVDN0R1VRSTBPSlpaaytPSEFZZnQ1WXRqZC9QQ2pwby9CM0lDVG9SemNGemRZTDkyY0JSbDgvVmh3clNjTjNJN1B0aXRkeCt0ZHpOVmNoVHpGYU5KOUM3U0VCNmlxY2lZdlVTZGxvbHdLT3dXRUc2cXJXcURnZkFnenViOUJWZFdHcldXQXV4YS9pTFEwRnhnRnVkYXllSnpaLzRhVUtrSnArdGo2VGRuRWJpa0tTOD18&cppv=2
Request Chain 483
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDBBODlEQ0ItMjMwMS00MEQxLThFNzktM0Q5RjdEQzQ1NTYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 484
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 485
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEIwNUZENDctNzEyQi00REM4LTkyQjctNDRENEQxMjM5NkNE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 487
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 488
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTU4NjQ3MTItQjQ2RS00QURGLTg5MDAtNEY2OUM3RjY2OUQ0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 490
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=QYBcbUqfp&dongle=u6nf
Request Chain 492
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Request Chain 494
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDE0MTA3NzQ4MzA5NjUxODIz
Request Chain 496
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBHtrPAvf-ezjEDrc6tm6bo&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 497
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBHtrPAvf-ezjEDrc6tm6bo&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2101496415489368585 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0225f992-746c-4db8-a0b1-fdced593cb28 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 498
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=437014107748309651823&dbredirect=true&gdpr=1&consent=
Request Chain 505
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/437014107748309651823?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8PeCe6ZE2oSWHb4GLnu5g6xHmj_R0JD2Ir47XGPEhg--~A&dongle=0883

506 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/ 		46 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce0ae3754107d66ad7dee13768fc169f4c63cce988aed318ea01250be05c1ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-pingback
https://www.gazetaexpress.com/xmlrpc.php
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/" <https://www.gazetaexpress.com/?p=1446269>; rel=shortlink
x-elasticpress-query
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Bj2ClGha4kylHc3iVAcU9Pn2b%2BjYWuEKSNwTJ9OJrPnVLzzYugqddamODjSls4ktVOarESwKAbUJaCSxRGp8XkxUxV0UqjsSFhtS5UtofRo%2FO9FUabx57%2BHac1OR6u50xU45yYqtWI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e285e7798c09152-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
www.gazetaexpress.com/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1BF9QVJZXCB8BR4P
x-amz-id-2
DZfH/DKbEW6iprS7LXWimgfjAih1FxzhV4ROJQscY4chpFyAUlaN5m8tqH5r+LOvXqIdqs8oXNw=
last-modified
Tue, 10 Nov 2020 13:59:35 GMT
server
cloudflare
etag
W/"b61e1b8cbc26b381f84b9fe75d6bd20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0H9cy3x12dE832NPqSAsfY%2FnYkt4W7vGekqvFACKia6ERXFLez4y6vXc2CH%2B32GgoG7NxE5aHZDBLijERPMmSrLlyfU2kFE80XRot6cGb7YhQyvRSbDncejvPR%2FpeUVQ2F%2BgkTiMuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EbY_Qr2u_RqkzHBQ7tezB1tU2A4mETa.
cf-ray
6e285e78bbfc9152-FRA
tag
a.teads.tv/page/76285/ 		787 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9800465cae64bdf8617aaca614fe37e565cf5b9e577daedd111816175e406b04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
489
expires
Thu, 24 Feb 2022 12:31:41 GMT
gazetaexpress.com.js
agorahtag.tech/c/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://agorahtag.tech/c/gazetaexpress.com.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1338
cf-ray
6e285e7a7dbf83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1538
x-amz-id-2
YaTKhqRBeDIvfjbe86X8x5LKwaoC4J1CZeB59w1kKKMqyPVsxZb/eeknBZAYGZbx5O5YK5w1vQQ=
last-modified
Sat, 05 Dec 2020 13:38:00 GMT
server
cloudflare
etag
"9a03cc3598f1fbece481220c80dd2575"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BOs3LJY993%2Fey0NuH9rho%2B%2Fz0BK5BRuClX1uxLVh3cQsEGAieJrS9GBmvEVo0t2T1ru8TkBduSsZISIwDyjtaBku3jQssj%2BlmLZzCL373Tp4hJEaT3DHcB5rn6DBPFAQ4rJ4chb%2BI0GmkaOyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
F7P8QPGBS0JNQVPA
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7162f604bb0a4906fc12f7359a0c94a78c782293149d0da1807239d992572fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53796
x-xss-protection
0
server
cafe
etag
15783965916895567023
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 11:31:41 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 24 Feb 2022 11:31:40 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AkdWFmz3+ZBD6nME4CH9VA==
ETag
0x8D8DC207C714D5F
Content-Type
application/javascript
x-ms-request-id
a30c17c1-101e-0095-2f72-29c20c000000
x-ms-version
2009-09-19
Content-Length
7361
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e3df45ab6279fb77347df39b0ea3f2f088acb1754dd4f17e988733f1abd6d5c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27365
x-xss-protection
0
server
sffe
etag
"1141 / 840 of 1000 / last-modified: 1645695973"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Feb 2022 11:31:41 GMT
gazetaexpress.js
adxbid.info/ 		285 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/gazetaexpress.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46bd65df4f409fb2e7308c958be9e21ef67a5a8a253a65b1ea0da54f13c8523c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 14:09:44 GMT
server
cloudflare
age
5207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZlimiLlkJbpYdBEh17OwyrysCL3OCoFlsHeEjyzo2XrLFIrWRikS7IBppa7SR2cx5NzLhaatL0uHllojll9jyDaCSWHfxTdNgQ38zRims0pzh804UhwdamWcn2nB3y6R9DTO1m%2FkHASMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e7a6d123753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NptUhd6Vb0yek10GjBWERn5Fo2ZNIDkRanzsejHauKtztLmCKlBeqlnQtNIz%2BL1%2F6dvvauh1%2F8G%2BglWcTUwThFQvqM4CjynloSO5UjLN4DHuLbmObAmpoQFNkLcIQlyyJRDNGw6bzdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bbfe9152-FRA
expires
Sat, 26 Feb 2022 11:23:01 GMT
related-posts-block-styles.min.css
www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/ 		284 B
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.5.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 07 Nov 2020 00:47:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyC98bw4fsgZQ%2BdILWyp1mF8CrrzGP%2Bb7rKn%2FkqnNa8odqwM2skABJS9TczOMyW6GaGUuAx%2BG%2BiTnJHD1hQ%2F1DAAC5okzzxff1yIvOgSdpm0nuR3TEFqMFsXOuveLiBQASCp%2Bc31Xr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc019152-FRA
expires
Wed, 16 Feb 2022 01:40:46 GMT
blocks.style.build.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=27723
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PyvVTmbcA7hg1KevHRY53eVl3d7DNDf3k590jxVyNV2NJZWKH8jJNbpcCYwQHbe5OXs4kzVxGlbMkngIHzjJnCVLYDgbpSpcdPm1VozOq26GtIOg53EoYSILkAMWIO8Zq7EA11grb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc029152-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
style.css
www.gazetaexpress.com/wp-content/themes/express6/ 		104 B
402 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/style.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=112
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 06 Jul 2020 07:49:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lT5YIdTcA2%2FABHv93tF9xjic8P5Ku760HoWGCMJJywRWfEz4TI%2B5skZH8irK6czBslFWhZkY4yt9LmnnAET1aSKB0CxIInz2O38Ur%2BEaUKU1eeYDVa2kVACVP0beR1BA8hpJxCespM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc059152-FRA
expires
Sat, 26 Feb 2022 13:43:57 GMT
mainStyle.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=67115
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 03 Mar 2021 17:56:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6sV695gxJKW%2FcICcxK8eB5EerzcO3hnbbolpZcB0FOnvTczgVeX9%2BbJqXdrO%2FLWOh%2FctxbU6B%2BQzAkJOdD9Ov6DdVJjKywAIe6lJF8wF04l21SEmdg8KMbD5t0tzQq8Fj73TejRmiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc089152-FRA
expires
Sat, 26 Feb 2022 11:23:01 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/bootstrap.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFeknqspiuNCCJwAKhqnOIk7uknDJsGRGxQNLf7wDUaERcUiPv1cJ7boXso8XZFl2x2X7QrKS4RKdT4bTGE3X2sWJulvmQ7dw3%2Ftcp%2Bu4PaxwfDzB0S9Y7PM2eNCYJQu4RExipuiaTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc0e9152-FRA
expires
Sat, 26 Feb 2022 11:23:01 GMT
owl.carousel.css
www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/owl.carousel.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=4744
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WzmEbJmKlqHd1N091FbmYvpr5iCTHi83wWZvCnz9HA8JPEd%2BUXJ21yI%2B2ILvlUMr8yWgeLyrXuej9l%2BGl%2B9YEH1XBQ7GnnGFVENrFczM4Ebnf653gKoufZ%2BIDuafZAL%2BOrh5HFbf3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc129152-FRA
expires
Sat, 26 Feb 2022 12:30:45 GMT
wp-featherlight.min.css
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egsItwDYEDnrkdYAtVvfTDsyjZsGnYk%2B769N8GKY1%2FedW2kWywGZITPPkXz%2BNdM8O5ZDGufiJhW83YKP4ll4E8yTU1oXkI4daMrrdYpsq7bUNBDtpJ5uKe8HJYcdO8tpyaR9JdqxYI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6e285e78bc149152-FRA
expires
Sat, 26 Feb 2022 04:01:58 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=96873
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6le07nul2NHrrBw7O7ijwcCNixUphh%2Fv28I9VfZH7Zh8wfrH4EfjLK4mkvc8wIAFpyGxXR94Eb5ItNhwN22qrtaHQFxHMO6I5FeHfBqhNHBD2p4tSft4xBu05O%2Fc5bN04DXMRpYNak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e78bc169152-FRA
expires
Sat, 26 Feb 2022 12:33:53 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUUnIeAL8Cd4qdUbTm%2FAAkICbkqE9RKMW3R4gd14wM8aj1asmUGlG0kRijKmg0GTqn4AQhYztdCVMiyES3W0rYuLhliv0zHsat4vK8tkv8rI6XY6e3dG8c4DZpwVzhI8MqEukYLOk2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e78bc209152-FRA
expires
Sat, 26 Feb 2022 09:34:28 GMT
invisible.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/scripts/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f91b099723622b7d7c6676488db096b87d6e47e44e2498bdf3701fd8d7220f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8hd6anXVE3PLZVB5Pm4IM10iefKixEi%2BmftVJ5rLVPXpsWCzm%2BMpaZkU5sQazZSf7bza4P%2BRS2eVPy2DzQsRHv%2BN%2Bqf2KkmvITeOFy0UUf%2FXcwK0ynxYltCqrOxL1ip8C1jIGKsUOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6e285e7a0d17915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0a3b5987.js
serv431.com/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv431.com/0a3b5987.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
fef7c3eed906d6262687bdd1a5cd8f08c88b80368b5368bd6af84b0f694a2396

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"085d6320d2a63bf94706fdf85f6662fa6"
vary
Accept-Encoding
content-type
application/javascript
express_logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/express_logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHD5GpKy0jhve4x%2Fy%2FWjMYFBOI9S29FhFJUzJe2eye7NTk%2BjEFyBSUwwhPgFAAqjs9mHjE%2BujC2grqEDLebeWZW37rEpOV8fq%2BHyFIBu7RlOTZa04%2FUx%2Fu1uqR8osuEHZGDeXu8poGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d18915e-FRA
expires
Wed, 16 Feb 2022 09:09:34 GMT
world.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/world.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683262
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4qODANFBPij8d44Sd7IR9%2F5evtXav2TQAZZse%2FmfaC08DkHkW4GJSTQAMNfiyisd4aheUxXI9J1UBE4vCJ1ty7%2FyUR%2BGeJHGITbtoIPPb6o5A10G59BYW8Jd97SH5nUau%2BSS3dVyTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d1b915e-FRA
expires
Wed, 16 Feb 2022 09:22:47 GMT
noun_live.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/noun_live.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683262
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrrKtn%2Bh5AVC9tBLY38x7an4kxwRFzl174kNzFJ1lJBXk2G0vTTDYDl9d%2Bo3f6OZQapLOHoZKxFL0ewZ4ng5m8bfLgVgIHQRmX%2BOHOu1FWLhuej0y%2F08pq6gCeBEsK2LQ%2F6Z7kEv6WQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d1c915e-FRA
expires
Wed, 16 Feb 2022 10:23:55 GMT
search.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		509 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/search.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683261
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ER6ynfKXO%2FPrfVL2ARzFqZaDGoZTlFYpklllBeRhjALqJ7dscZCsefQ7U4Gf8QEgenjFluG03%2Fu5Cr8StfCf01CJFGfOffJbPs%2Fj2%2BkDbAiiHV%2FIDTd8bqLhUSGH4iEsEyR7PcANy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d29915e-FRA
expires
Wed, 16 Feb 2022 07:51:44 GMT
youtubevideo_icon.png
www.gazetaexpress.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/youtubevideo_icon.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public, public
date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 21:40:59 GMT
server
cloudflare
age
682001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyYWplFq9VKEePC75cXQUdZEZCdNuf8gkQowWVgVRG0bHQWQecNvIfiYByrKInsNnTFCPWU30xqca0kyHITr1hJT87bdQBS9j%2B4ubb1TUkRGpnl%2FvvD4MVjv3Ww2wRg0GJc%2BcvwRkx8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e7a0d2b915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Feb 2022 02:06:19 GMT
express-logo-author-96x96.png
www.gazetaexpress.com/wp-content/uploads/2019/03/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/03/express-logo-author-96x96.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed7d434cc3f89a09a5fb5385a44b646a302cc0e7f4a09f84f55dfeb14d1f100

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683230
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 12 Mar 2019 00:28:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiIbjCTWLMqbToaxUsiUZfXyk7eyPWD2Ozct%2FiAT8%2FROXSIKBSTFU8gIm%2FNbp2jdf2mVabrJjQsxzFFqO2rOgGcYFy7tmIjnxRmMY%2FFFXQP%2BhiSI8R6QLmGMxiKC2%2BBnnF0qghW8ROk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d30915e-FRA
expires
Wed, 16 Feb 2022 13:44:00 GMT
Screenshot_3-31-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/Screenshot_3-31-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82cc1ddf2e85c5cc94d1573cc0f0496cb79830d7c79a9c72a156038dc9f5d4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Thu, 24 Feb 2022 11:30:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaDzsY41RZQXIIJYxpUvEfi2Cg2c0Uh3M7PCXzYBBDxwYIbiTPK1DGE4jPRFEWZTUKzPsFI9P9LJCh2bvb8PjLi7SfeNZsYn59GRP8C2uKfHHI8mX%2BNnQ%2FZJozjIgX%2Fdo0v3xVuRj7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d34915e-FRA
expires
Thu, 24 Feb 2022 11:31:07 GMT
Virali-600x360.png
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		237 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/Virali-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300cd1767d24de9e5b74fb1869daef024ad8d005d40d6d5c892deabb53e72d1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public, public
date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Feb 2022 08:54:15 GMT
server
cloudflare
age
9404
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HA2eOGSgfSD8gUJnLhs0oUwBRmB6xLz9AXmkBtzCwrRc%2BzsrFEDO%2BDAbBLDIqbjnsF8eox6UFSWJ9QGsjNIQ7XIfzyg6uwoXHbzQKFyLrK5XSBNh4Hz%2BLpF18S6OqZ%2BtnDfuD8ZvV5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e7a0d36915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 06 Mar 2022 08:54:54 GMT
gazetaexpress.com.1190148.js
jsc.mgid.com/g/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538cb104157f6987b890d1f4701a3bbb121b23fb1ac1d05e5698ee8f1cacd6db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
age
4939
last-modified
Fri, 04 Feb 2022 08:27:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1KYBS62MTRQ61Z7C
x-amz-id-2
TC06VuG+lDCO1hzPdYrh+FwD7j9zEZBsDQrg08Nu9tOgd5fCPbB3IjdeuT51jifKvZIjZkW6/Cw=
cf-bgj
minify
server
cloudflare
etag
W/"196621e34717981c9777a851ae4e18b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e285e7a4b289004-FRA
expires
Thu, 24 Feb 2022 14:31:41 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:41 GMT
Content-Encoding
gzip
Age
172
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (mil/6CE7)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
facebook-logo-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		644 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8dc1681c0451d8590af4d2d08b7b16e4f6edf197f805929d6a85a2be1b622c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CSbW4Oc9lMfkX3jDwdyiKB3t3YCcyH6eGwrOq3pyTrGOeVE7FTqluZvCRXW2E33cilFb%2FZWYsuhpGo6iiIgQ%2F6EvhTnG0zrcEvSqRRdOzUHQeASGNTjqgbB4JbAWdBwwaOZpzp41EY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d39915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
twitter-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc16bf1238724eedd1638bf0937b691bb01d08e585ac5e1db274acb47147c5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc7aGikXqDzkhIsWNDhUyp15Rr1xlEHo6UI5pZwyOPJKpzKA3Dm0uAlOuoYqLa5iFeRNRQEDproYuQSkPaEsxrK0gRAYHHtm4tz079C3VNOeXNpVfogCindiiXPgF3bOPWiyJ7Oqy4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d3c915e-FRA
expires
Wed, 16 Feb 2022 09:22:50 GMT
google-plus-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1016 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/google-plus-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d5dd78af31fedc394fc1576004d11f96384907eaffd5260382daeefe8dccb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
680410
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKyUbytCvc5j0F68fsF6TigwwNlYoyRwuTGtUV%2BnBq%2F1KdNTfOSB1hmPLOv4dVqoRSvelfUma5y7MFI1OBEqeGt1zswN3qFjwt5riHDQh0VW8n7p6bgpzO8zJg1qJm6HiZpSu4NYrOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d3d915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
whatsapp-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		897 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/whatsapp-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b562cee19c4ff0e74eeb29a0b4f4013644c02f0cbc6ebf9f22a434cd527807

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9PovSB5JRwDLaEFiMmPDCTiX2SioR1asNJPDabnh6uxBwcDxbupvtaXIl8xqFPsSdDxfeRTqUIySdqMdeu0CxVk9tGi%2F63k%2FeSqUAS70zz2migxEZSRo9sggR%2FQ%2FrI%2B1ZSFRmMN8wM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d40915e-FRA
expires
Wed, 16 Feb 2022 08:17:47 GMT
viber-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/viber-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ede5c007b843287b8ffd0c398af54969710362e87a04e571f5e140ef2a35ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crgmgU465unF5KMVedVnV1fhoxD%2BhkizQ5TVysGeb%2F7C6PfQ6H3Ajejmp9wzKdAlgWsr9ZhlfO1Lb9k9DpvNLvTHqu%2FdZlvr%2FQ8MhwVQ%2FynfWzSZbN9axAJZsJPiYZYRPA9cyBgyo84%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d42915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
email-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/email-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbb9be7acdac8ad96d8419b8eb4e7120b05295a42d3c50919370d1fc83547dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bkbc3Q%2BqlnRN5C2QxneObNLSIoyTAlMtdt7AJSZwjs2m7bB%2FbGRPox8i4K%2BRN9WB%2BMn5BnGdKPXEsni9rPqUMvhvX4y6c5dMCQq3GvNMiJbxFUy7hq8nZN3fPyoJWju86AYCm5GVads%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d47915e-FRA
expires
Wed, 16 Feb 2022 10:19:02 GMT
email-decode.min.js
www.gazetaexpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 13:46:32 GMT
server
cloudflare
etag
W/"620d0038-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HetQEiAEKpZLAwcHumB9cRSl7NzsCF73kUpdcd9vSoyNqAizt5MjPbRB7t64nNGcVGSH9m81uHSL%2B4vm2Fg48HwDDUoAhGNi3tCWoIa1hXg48TAa81O0t0EQLPeRa63yfvAn0PghDuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e795adc915e-FRA
vary
Accept-Encoding
expires
Sat, 26 Feb 2022 11:31:41 GMT
gazetaexpress.com.1002277.js
jsc.mgid.com/g/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
facda30c07fffae1ead04152922e1b65421e79bec6e2dfa54d21ad3b0ace9e58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
age
5132
last-modified
Fri, 04 Feb 2022 11:15:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PF7DX1W7YCF16WX4
x-amz-id-2
NeBMMYKeJKNLrpy7xd8KkDjT+xZc7wp6ft4ikZCHtCQMu4UeKdbIxFIjFQsxtQaslnVf3gaJY2Y=
cf-bgj
minify
server
cloudflare
etag
W/"c6e8609dcac54270680776c24f24ba08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e285e7a4b2a9004-FRA
expires
Thu, 24 Feb 2022 14:31:41 GMT
asyncjs.php
ads.gazetaexpress.com/www/delivery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8590ee2871189fe2bdb44d32ceb04e73194eac8d2785113c8a87c79bcec64f3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e7a18809152-FRA
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5sLvM7aish%2BtwU0a2D67Rp17sQ0MIP%2B5Hokv4%2Bf7nXKDLSJvIjh8labCVDvh%2Fu9EEuAzWrDtuLDE%2BxahMMPV%2FHBtOyOiXTsRpdmaaVC3pS%2BmwOdbQMIOv9buVE5AlpUwNWHaqM%2Bbm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=3600
expire
Thu, 24 Feb 2022 12:31:41 GMT
glauk-konjufca-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/glauk-konjufca-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba512ef98db602354169f125072cf47551a223e30bdbd79d4970c3e30ca7f3e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83560
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Fri, 19 Nov 2021 10:45:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDKu6zG%2Bg0tnn2BPcqK7XyLCi5VI0dwrF4iGs1lHATpSmCBb6FtLXKEYEhZvKsaRVAXQADPj%2BHw5jX4xKu4tGcUjFTPJDilkLwuxN7oCThUJ9CxX%2FbkRsE7hpDkQydtE0RdZzfaJHew%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d4b915e-FRA
expires
Wed, 23 Feb 2022 12:19:02 GMT
ukrainaa-1-600x360.png
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/ukrainaa-1-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74535a57fbaa47fc095e0b785720e29a86d8a141fc92d3792047d5b00bf787d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Thu, 24 Feb 2022 11:23:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1ISF7z6bNdYbwiRjn75xj9g6j1COD0MEfDBnYVwzlVx0ixMIpzXgEKVFxlxBUNOYp83V9wvtzyzlPKH0%2FZyv0TOEaOdcbXlsf3F4dozhsxUKer8HixNs5L1dNZgRqLAOnUDq25%2BeJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d4d915e-FRA
expires
Thu, 24 Feb 2022 11:24:12 GMT
collage-4-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/collage-4-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f584b8a0ae2d6937d68844965067259472504a23c30e3ea5c5e6057bb262cdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
702
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Thu, 24 Feb 2022 11:19:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oT3X78vScrCODbhjwjIso%2BTIebmM1aJY5R38y5IgfZCMoxHhml%2BGeaNwIQGr8pU1kW4hOMzINgFuNzkTeQ7GtiBwORVZAtgo3GdV99sImLeJn5CPfXvC%2B%2Bc%2FfoLup%2Fr%2B8gymes35%2Bok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d50915e-FRA
expires
Thu, 24 Feb 2022 11:20:00 GMT
Screenshot-2022-02-24-at-12.07.44-PM-1024x603-1-600x360.png
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		262 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/Screenshot-2022-02-24-at-12.07.44-PM-1024x603-1-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5f27b98341971dc9c7e67ebac8cd95bdbd8b9c6de041d36a639a8d21db1fd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
891
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Thu, 24 Feb 2022 11:16:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Err356%2FEWVyocOBn8EAnoCQ7XYSg9bkRpEBumF66hlN58S7ERgJiFYyz75ueNLMv7pNDvM1%2FYRnnNkg9jZDUO0AMnrOGwnmOvTDorHHz8sto7%2BA1f%2B1sHBaLF08%2FLD2UVaYA3dafzQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d53915e-FRA
expires
Thu, 24 Feb 2022 11:16:50 GMT
vladimir-putin-1569588.jpg
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/vladimir-putin-1569588.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e43c0507c2b3f247c1748237b1e7db8ba86d0c8c128b66180591409031f5532

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
964
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Thu, 24 Feb 2022 11:12:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQqp7BQ3it6yV0pZr95BaBub%2FeeVeSO6DD9w9kiN1gzA3dUI2tfPk40wB7LPyVM6r2wezmkxLtFKuOXPM%2BQkwmQTC4I6X9AsPyXIlapgnF8jJ3hNHcEjhBm83A9VRBBuy6AVtIVV%2FYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d58915e-FRA
expires
Thu, 24 Feb 2022 11:12:59 GMT
gazeta-express.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/gazeta-express.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1JP2dIDRACxPqhADamsaGurIUU%2Fbz7GPv59%2FdFuGmJQL7gfp4GBYDO2ioiM3OoucpdrzY66qYlPmUd1gey4BTRb6YN6R9UI2U0eLGqVzd19RX2jOL%2BV06Y3CSFmds2IKxjNHU3KzXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d5b915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
facebook-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		604 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCgrTDGMzb%2BH2QkisGruPIWqMpBnjuLs2AE4VbWaIYpinDviHA405EM21zzZzP5MG7aKZedKAc%2F72LjCxBetJk7mpVy9ZaDRBHD1%2BhJbrDvRrHXv5MTNVy3rzb9QD7ZZS8bW%2FxBEpH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d5c915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
twitter-logo-silhouette.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		850 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-logo-silhouette.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FyVkVGHXjveUrscP9Nd0dm4kmTbmArEE6dkSyg%2FamUrybT2XNVIPbJ5QJ6rU7VdXKp0rIhM3BFYIKvRhVCXGrcttYOH7B9ULqFVDe2AQCWtL6gLbrG6v%2FQYytEcI3KucKWEoK2f27A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d5d915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
instagram-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1007 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/instagram-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
681945
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1irROCR5YoYCKvMB2M3QspugiAcomXMJDNJao2SVNJGG0YSpovg7xTa7kSVhizpivtAeeutFNFzFSR0sQx%2BX3BdBBXMWBET%2F6OsGwIBBEDVHPy5UBlf4JO%2BCWOMsz4tBIBhWSArc%2BIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d5f915e-FRA
expires
Wed, 16 Feb 2022 09:22:50 GMT
youtube-symbol.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		612 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/youtube-symbol.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WZGF5yMl5u1WD2NJlFGLR9%2BSgnWn26oVKw1PM1DeCfe7c0q3gpOmkHBbgDV7ipbKCP4ufS67NuiUjOIhOvnCHirXLxRNOFQIc6St0eLNpW73b57dGE3Z5wzg%2FxaHkljPLXdg28Uc7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d61915e-FRA
expires
Wed, 16 Feb 2022 09:22:50 GMT
logo-shkabaj.png
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/logo-shkabaj.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public, public
date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
age
683260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBv3CFY0on44%2FhMSc1ahY3%2B7T%2BaVyp%2FcytGBZPQIWSwOVs%2B1ipsMgoDyrYf3h07R3ZlqqWJhqk4aWAsZkc9qnukY6Xa55y1PrTUPz9ODqOOlUkHbIo8piczI0RQbn0OsAUirN3odMMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e7a0d63915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Feb 2022 11:23:01 GMT
owl.carousel.min.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/owl.carousel.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTweMWzq8bkfx%2BOYa0xiyZJWBB1th7peJUpToeQiwNGWTNsiK3q7a19U19ho8rDauYNuVKAjqqTu%2FpwX3xNkjSHn%2BuLM723oALcWj0eEoiCtc45E5%2B85%2FY9z5uGu1bXao2gVzQbcMf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e797b0b915e-FRA
expires
Sat, 26 Feb 2022 04:11:40 GMT
main.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/main.js?v=1.0.9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=11722
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 24 Jul 2021 10:24:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub7gd4JoEa2M81M121fLcV5M7%2B2lxDKL7WXSkwY2ok27p9vL3qQm9UUcXjZ9FJiJ9N30r3bXAQkk6oagRu%2B4LZ3q2ntHieQvSgc9iK5InUJCiDw%2FPMXWSrdoCdYzl70th%2Bh1UqFj0xw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e799b8b915e-FRA
expires
Sat, 26 Feb 2022 11:23:01 GMT
bundle.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/bundle.js?v=1.0.5
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=3713
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 16 Mar 2020 11:55:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoL7EOjg8txhkJOnhoNgeSZNLIF0hRRQVtZuS9t6iKMw23v1ztvUjS1J9he2QbWWIqEz9gcArfdnkMlTYuqsVSOEC%2BebLJmJiqbRfSCHlkuzKh5629PVA8lXy2%2F9Tl3K8sSly0vdf6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e79cc3e915e-FRA
expires
Sat, 26 Feb 2022 09:49:08 GMT
mpp-frontend.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
cf-polished
origSize=331
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0MEmMxkmefF749iDjYyigYa1QChleGv509taDBS%2BKzRYahWTRva7CuPg4Wfi%2BGz9AWZ7MoaUJ5IE4mu9wNRWOTig5T%2FQMSgGQl0%2BY9mUrj9B7sbGTKKa6A%2FqQFvfrSHSfSo2ZJBtrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e7a0cfe915e-FRA
expires
Wed, 16 Feb 2022 11:23:02 GMT
wpFeatherlight.pkgd.min.js
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHYhSM%2B9D7Xs%2ByI1DB%2FjcTRPrrZMPdbyfdMPIij%2FWIUNPflPglr0zFWsq0NOEzI%2FxKIcRuLnEiLDUqJ6oXnVm5Bo0XJw8KK%2FMkH9WbalJJW9EqdojlDZs3oMcTJcybEms7akdWtzEiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d08915e-FRA
expires
Sat, 26 Feb 2022 09:21:50 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3RylygvJ7atSgYbWodVSv6Epl4Sz8MJLDpGL12hFRJ1aazF3eIlshCPK5rGGpvDLDbbW3PXAAeoOlvUQKpBAWnDsKW4t2Qgu6%2B8N9EHeTgXRLqUASD5rOIq0WGp8GfAB29kXhaHz7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d0b915e-FRA
expires
Sat, 26 Feb 2022 09:22:45 GMT
U-7Baa56EnJJkA-3VT33cT_3HbI.js
www.gazetaexpress.com/cdn-cgi/apps/body/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/body/U-7Baa56EnJJkA-3VT33cT_3HbI.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683262
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ASEFSJFD2P14G9FD
x-amz-id-2
GjtPn0bEBiWSb02v6qTGyEm+aMnMAJEdc1ud/szOeZHUMoavWNE13kRxGSeAkCd+djZAsrUfb08=
last-modified
Tue, 10 Nov 2020 13:59:34 GMT
server
cloudflare
etag
W/"a48224d294929710ccf63815c082d82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRpJBv%2FOOtY%2FFvBLl1654ebwYjRq3mIAS6ATjvAgHE8RTN06AGo3TNxwsVIrZmrqml9g1ih9gtXpbxEVqTejzjxUAqGuLwwcZ%2Fh8SaEoiWwUPCE35%2FzdS97W0DuIQeBVzwT7uXumFlA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
OdY.zUSDblunDdofCPVQz2xapN1Ewriy
cf-ray
6e285e7a0d65915e-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5209
date
Thu, 24 Feb 2022 10:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 24 Feb 2022 12:04:52 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
26155455
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
NusL9HD4_kurjpAj--D32pk7O6Juuf_qHQrImuuoq5TO1mmvzlcMsQ==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
Tp0UyJFP+rU/eud6hwWyfg9wW+/mA6L1VZKOgd9bcOFFX9OA8tQYmEr3yaXrqu3wL7+e6ltna1ttG1rJbEHZwQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 24 Feb 2022 11:31:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/mediaworks/ 		167 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/mediaworks/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Wkc_rZlNQmNTCKBRxLriGeFlsoO3vY.7
content-encoding
gzip
etag
"0215be18ff91f9f8cf1f87561475194c"
age
44
x-cache
HIT
content-length
23804
x-amz-id-2
HLlzckK9j40Yf1Kt8Mq0wKrXvfQl8u6lpaeEKMszugfiC1MMCTaoCp8rYNoGe4mQMRVEuAvLXAo=
x-served-by
cache-hhn4053-HHN
last-modified
Tue, 09 Feb 2021 14:13:22 GMT
server
AmazonS3
x-timer
S1645702302.912734,VS0,VE1
date
Thu, 24 Feb 2022 11:31:41 GMT
vary
Accept-Encoding
x-amz-request-id
DZ71609G7ZPK4NY8
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
1
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f57b5d5c7aa69840ccb450840ac352a4ffe64ffcc64a8c11f5068e9551e5336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
last-modified
Wed, 23 Feb 2022 15:34:20 GMT
x-amz-request-id
272R0AMJZNAAK7SB
etag
"d33c054017a7a35bcabb15f98e4810ee"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
2
accept-ranges
bytes
content-length
134159
x-amz-id-2
MGmZnSglSdQYHFlWdIzm3sq9EGY/jss1jwLjYfXNSvTocxFIB045c+QqbBRc/kmoeENwSpjVbq8=
expires
Thu, 24 Feb 2022 12:01:41 GMT
wp-emoji-release.min.js
www.gazetaexpress.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683262
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdALCe4okVywe3BgJWv0NjIKYt9clROT5%2BQ6ZQrdq5m9WkblJQPQ95h3YpKWjh8Xn2sxBaxAvrvLYy9HahTZGGMhBk%2FKPf9qxllTrPWbr489T36gbC2Pt1h%2FJkN1RFC6phHOsRmg764%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6e285e7a0d66915e-FRA
expires
Wed, 16 Feb 2022 04:10:53 GMT
Raleway-SemiBold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-SemiBold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66524
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFTyAckTcIwJgfqHWQptOPqCWeFp7%2B%2BIhJpSLEWy6ap06xP4LRWze750sSjNUczHK%2BuE0U8ooiqPgxYICSK39L2yJ6n2yHCJJ3m38l%2FTWfcMkAmYvRP0bR2I%2FuqHNQI4nfhlOggvruw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e7a0d67915e-FRA
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Regular.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Regular.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65692
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtXtBWJTBXGQAzKpvr7SlJMKwffr%2FpLQFl4u8g51POC7yqQFCfFHIMXnT9BKV5zPZlCphfT4x6NX0CNieEYYXOJnyHaHq0Vg4TVcszNw%2BOng9QuCiWsvK8dpy7sxT672mxIFUAFv60g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e7a0d69915e-FRA
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Medium.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Medium.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65280
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFX0hjc%2B%2FnpFiSwZDem%2B4Q4F8CCsUDrcJRF5J3KUSYuwIQEQWUYVxMRbKY9jtZx8AwCiekaJ%2B%2BGeTYwTdDXtIh4gPx%2BVBf%2BsAk6gjuxDOw3bHFcgqgmcBJskFIQXRYkwt0SM%2Bz88Q0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e7a0d6a915e-FRA
expires
Wed, 12 May 2021 08:31:20 GMT
Raleway-Bold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Bold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee01bd79e58c77dc4276a96fa5dcbe396c024538353c216894c5d6abcf2b6e1

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66240
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKdXLLJ7lYhL9Qi69%2Bz3Fm61jIlTOPg7hGN%2B7vUUCsKS7W4iCET4q9%2BYp8ITnCDyFMyZGRAjCMZ1jVuDA9RGlqy5q737nGjkCQ8K7tJLf2vkC73V1WRgJf4JYOkzoKzdMxTlccILl7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e7a2d88915e-FRA
expires
Wed, 12 May 2021 08:31:18 GMT
Raleway-Black.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Black.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64872
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0QNEVnZqQfu7jg0%2BihhCp3MecQPEa7BUdzbMMOdRbIKzY9hlbZXk0mGMjdCGw2MzlY%2FCOl10YMIql7tIbneGANKgyLnsyDYR%2FGFZnV%2FGtqFYEusL4rSU%2BjfeG8xKxECGIYvx1G6njk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e7a2d89915e-FRA
expires
Wed, 12 May 2021 08:32:13 GMT
thumbnail_Pakot-PRO-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/02/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/02/thumbnail_Pakot-PRO-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bd74a09492dc854fdc2bd3a3b5d595630d7d0351321a7c46f79727a334a8e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public, public
date
Thu, 24 Feb 2022 11:31:41 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Feb 2022 16:26:46 GMT
server
cloudflare
age
68672
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks7GyejgmHJOfRLZB8kopmmsdl4m8dm46qX8DWqsKpAFWrTQzx8KhEg07q5J0JtBF3KbFgpxkceTa7Mgg49h2mh1oPU7IZ%2BEHgzVysmVAW3hbVQS3gPudfJFl%2Bykk%2F%2FQZNQ1Yo69muM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e7a4e0e915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 05 Mar 2022 16:27:09 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1280571150&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ul=en-us&de=UTF-8&dt=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=177477610&gjid=1747675229&cid=771925142.1645702302&tid=UA-6427330-1&_gid=971087010.1645702302&_r=1&_slc=1&z=1460415113
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1280571150&t=event&_s=2&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ul=en-us&de=UTF-8&dt=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABBAAAAC~&jid=&gjid=&cid=771925142.1645702302&tid=UA-6427330-1&_gid=971087010.1645702302&z=482855553
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 21:31:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50403
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gazetaexpress.com.1002277.es6.js
jsc.mgid.com/g/a/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439c15719fd95c4f95dafb40d8d669534bb8a04429ec570d6f7e0ac73e727627

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1262
last-modified
Fri, 04 Feb 2022 11:15:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZBHK7G2QEDSCMHST
x-amz-id-2
Q5HU3FC8n4eO8/TR2pA73kPcvCM51gZLwuUS4QIILk30+SkZxZRJ0wKqh0ZMfxmbRpg4qNZMt8Q=
cf-bgj
minify
server
cloudflare
etag
W/"d2c460620f896a7cd31abd747a6e00dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e285e7b3e25690f-FRA
expires
Thu, 24 Feb 2022 14:31:41 GMT
gazetaexpress.com.1190148.es6.js
jsc.mgid.com/g/a/ 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47db5dc03dbeebb22d6d20aea28f3470cf7c57eac779edfd8fbf958f75672d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1262
last-modified
Fri, 04 Feb 2022 08:27:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PF74EVDHNNMV0V62
x-amz-id-2
l3DgRo1h72pqDjj9cPr4K+9CtpvQTL4+sjrqSbe7dmH+R+cE1xbfT+Dp0St38KFngu9jy4lnNcg=
cf-bgj
minify
server
cloudflare
etag
W/"b334e45344b756753a8cd5012ee37692"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e285e7b4e2c690f-FRA
expires
Thu, 24 Feb 2022 14:31:41 GMT
pubads_impl_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124510
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Feb 2023 11:23:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		82 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c31b2375744708f38933b2cb26263a36bb9c254ba30d3d669953136ffd70dbe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78
x-xss-protection
0
expires
Thu, 24 Feb 2022 11:31:41 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=520c6915-8d52-45a9-bad7-b076b345833f&pageId=76285&pid=82609&debug_metadata=drjCRFIbVv&fv=996-aa-test-check&ts=1645702301982&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=520c6915-8d52-45a9-bad7-b076b345833f&pageId=76285&pid=82609&slot=native&fv=996-aa-test-check&ts=1645702301996&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/76285/ 		537 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&page=%7B%22id%22%3A76285%2C%22placements%22%3A%5B%7B%22id%22%3A82609%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A824%2C%22height%22%3A464%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=520c6915-8d52-45a9-bad7-b076b345833f&formatVersion=996-aa-test-check&env=js-web&netBw=10&ttfb=163
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24c0addaec6b9472ff5c995941929d404480f5963d77125842e61cc995e951d9

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
364
expires
Thu, 24 Feb 2022 11:31:42 GMT
pica.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/scripts/ 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293e679d544ce9ffebdbfa88bbcbc6d03a303d256ec52bcfc323e1174a1f5685

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMoByTtQC7Ru4pF3QAcQrKn0ACGmMquFx2eLWd%2BNWxHHB4OBbHcWnyo2%2Ff%2BSVGZLg7gaqQwaDWd68y7tfsyE0k1N3yCosFOpnELJQxVE95%2BaPIRalPhn9fhF4Ufd%2BHiqgMLHS%2FsbQW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6e285e7baa10915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
projectagora.min.js
aghtag.tech/libs/ 		277 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: agorahtag.tech
URL: https://agorahtag.tech/c/gazetaexpress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e700bddd1405ed9feb6cca2523254b13b0bc2191f0728170099746792e7caa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2366
cf-ray
6e285e7c0cac91f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82685
x-amz-id-2
F93qVCb6lx9PNX9odpNjuGEQje0Q/FmTU8P2Zpk+Sb6Yyg9ujMreLEjPP23UxbZImpPIcmCM/eA=
last-modified
Tue, 22 Feb 2022 14:51:02 GMT
server
cloudflare
etag
"bb5843fcf1d36f23d43ddf1e00f66ab5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9qpBmQzOELUb3IyTtPIkqx39Bp1V%2Fx0qGxqZztoKWAuOKD%2BfrLdhxCpnnUeN9L%2BpmlgSWrmOlEfMzMCWRfm5p8Z%2BcLOIp1VSj7kPESq5vbOthVl%2BV0%2Fg4urAVwzhwAEZ3WghCPa%2Bnot7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
0G7YBQCWR83E8YMW
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6427330-1&cid=771925142.1645702302&jid=177477610&gjid=1747675229&_gid=971087010.1645702302&_u=IGBACEAABAAAAC~&z=2103135807
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/ 		291 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea8bae5fa4f9b020e743eabf735ea410c1088898c85ae11cb98cb8620f21f06c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107193
x-xss-protection
0
server
cafe
etag
12369466730916425537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Feb 2022 11:31:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220221/r20190131/ Frame 5A11 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220221/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 23 Feb 2022 15:52:39 GMT
expires
Wed, 09 Mar 2022 15:52:39 GMT
cache-control
public, max-age=1209600
age
70743
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&time=1645702302055&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&random_number=18779203708&sess_cookie=ff3f796a17f2b80496699881d3c&sess_cookie_flag=1&user_cookie=ff3f796a17f2b80496699881d3c&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 03:50:21 GMT
Via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
27682
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA60-P3
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
oMRcoSWb8t7562LSUfNFGzVhgtjPqZFdYajBrjTlfeoAc-RxZLdGjg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.16.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-16-202.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
server
Server
260200548443713
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260200548443713?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
189bbf954aa1e1351dce2d5f01b70f79bc193f9737af3d6d950d0ce64c60dd27
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89094
x-xss-protection
0
pragma
public
x-fb-debug
hjCQNkLr+2/gw5VFpr9xwCgitNmm9LgoEc1e2/AXete5l094UeyQkT68FIXrjYw7Q3GBHIRNFJG7u1wX7/Q38g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 24 Feb 2022 11:31:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 24 Feb 2022 11:31:42 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
/
hb.emxdgt.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1645702302089&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=55&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=2d9f0502-7b56-4964-a59b-1e6da5ccfa5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8334396766890944
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7be08b5eecf7522462a34d509a481ef77c8a065fc4419e73678c9aade7870e52

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2346
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=15&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=3de37ae3-e5a9-4f9e-ba9a-6c27ebe41dc4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8852011419569499
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d3735048fdad2d18bf8bcc8c5c795dfd027d5d5123d548fd93514c9baf790cbd

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2338
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:42 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
26a29271ba8db78326256fef88284da60529ea622cf2bcbb584f45b786301a45
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c11ef84c-a61f-45cf-aaf1-ff826cf10b10
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=77123212193
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		24 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
50b8777f3fd1e8bc8c8d5b7219c5a3b767c48544a8ed5fa02b073ee6e207eb5d

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=771925142.1645702302&jid=177477610&_u=IGBACEAABAAAAC~&z=887234371
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=771925142.1645702302&jid=177477610&_u=IGBACEAABAAAAC~&z=887234371
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1280571150&t=pageview&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ul=en-us&de=UTF-8&dt=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACEABBAAAAC~&jid=&gjid=&cid=771925142.1645702302&tid=UA-6427330-1&_gid=971087010.1645702302&z=2014835057
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 21:31:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50404
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
impl.20210208-11-RELEASE.js
cdn.taboola.com/libtrc/ 		461 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210208-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mediaworks/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
KnSm.W0xbjxKdbzJlmXotguv.ic.uOsY
content-encoding
br
etag
"a91756933e089626a1d0a3de71a9f830"
age
10614
x-cache
HIT
content-length
108763
x-amz-id-2
Ag2hlSBhGrXZkfKZDBDMwFQ8v+R4jAoObYGsazeNcRykuWlSBLP2BB/VKdKFm0CzBzOGT6D8AgE=
x-served-by
cache-hhn4053-HHN
last-modified
Mon, 08 Feb 2021 10:37:31 GMT
server
AmazonS3-br
x-timer
S1645702302.171430,VS0,VE1
date
Thu, 24 Feb 2022 11:31:42 GMT
vary
Accept-Encoding
x-amz-request-id
MJR21N7YTG5CRYHJ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
1
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame 7EC8 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.gazetaexpress.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
128121
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Feb 2022 11:31:42 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE2)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260200548443713&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&rl=&if=false&ts=1645702302257&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645702302255.162441274&it=1645702302068&coo=false&exp=p0&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 24 Feb 2022 11:31:42 GMT
cookie.js
partner.googleadservices.com/gampad/ 		221 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.gazetaexpress.com&callback=_gfp_s_&client=ca-pub-4665846415960239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
841de2a6537c740d626eb1bf53fbdde1fa8e1a3f1c8542203d9d098b502b16e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 82C1 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1645702302&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645702302042&bpp=3&bdt=515&idt=243&shv=r20220221&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1524244190953&frm=20&pv=2&ga_vid=771925142.1645702302&ga_sid=1645702302&ga_hid=1280571150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065255%2C31063246%2C44756895%2C44756896&oid=2&pvsid=3415778849521025&pem=902&tmod=2035453144&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 24 Feb 2022 11:31:42 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6e285e7798c09152
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/cv/result/ 		2 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/cv/result/6e285e7798c09152
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e285e7e9ac6915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsFbfde8CQDcYXilJyHa6%2Bi1B5Iuhmq8qQ7CjuyncZtpA4cYYskPoxj2c2CZim8e%2B%2B0Pkc%2FikWjOpoM9e0li4HuEXi9dZ0DNAc7AHjSDXaC%2Bna6jUDA6%2FGOC0SKl43QiBs8CGN1e%2Bn4%3D"}],"group":"cf-nel","max_age":604800}
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3415778849521025&correlator=4297219209036334&output=ldjh&impl=fifs&eid=31065290%2C31063246%2C44756895%2C44756896&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=74207979%2Cadxp_ge_sticky%2Cadxp_ge_in-article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C320x100%7C320x50%7C970x90%7C250x250%7C300x250%7C336x280%2C300x600%7C320x100%7C320x50%7C250x250%7C336x280%7C300x250&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x90%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D23ccdb04aa29001%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.04%26hb_adid%3D23ccdb04aa29001%26hb_bidder%3Drubicon%7Chb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.01%26hb_adid_oftmedia%3D25673da3769f0a6%26hb_bidder_oftmedia%3Doftmedia%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D2410a94cd3c27b2%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D2410a94cd3c27b2%26hb_bidder%3Drubicon&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645702302523&lmt=1645702302&dlt=1645702301527&idt=672&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C531&adys=1150%2C1590&adks=1438139209%2C1243139692&ucis=1%7C2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1%7C824x50&msz=728x-1%7C824x50&ga_vid=771925142.1645702302&ga_sid=1645702302&ga_hid=1280571150&ga_fc=true&fws=516%2C4&ohw=1600%2C1600&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6daa4a65038604611b78934d09233eaf8029d4e440324ef03bbc33de2e106d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9667
x-xss-protection
0
google-lineitem-id
5363688884,5363689337
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310969015,138310572053
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BDAC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 24 Feb 2022 11:31:42 GMT
expires
Fri, 24 Feb 2023 11:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
settings
syndication.twitter.com/ Frame 7EC8 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=4f58bcb184d44645783e5a66c4a8caa0da95394f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
105
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 11:31:42 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
41d80733fbf73873b9110c2afd85baf4b07bb692bac4ec94f181a60bd9adcb69
content-length
166
zyfb7QVp3Q-JRjLb76e34LDx8aAcQnlN6gua64i01zzV7Lfv9usKCkm90XoPYnaujvhxYbWpNVh9kIxv6zilvYlS7y8HW5DTbwgPbDtvXIbk1-hfQLNPLAeTUJ9MjgNrtNLuBJP4R7_MZJQORmRCBc8se6VsYw6oUcM3IBairhDivD8N72sSehkBcn8N750SAnEil...
serv431.com/ 		904 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zyfb7QVp3Q-JRjLb76e34LDx8aAcQnlN6gua64i01zzV7Lfv9usKCkm90XoPYnaujvhxYbWpNVh9kIxv6zilvYlS7y8HW5DTbwgPbDtvXIbk1-hfQLNPLAeTUJ9MjgNrtNLuBJP4R7_MZJQORmRCBc8se6VsYw6oUcM3IBairhDivD8N72sSehkBcn8N750SAnEiljXkcJAM_GT3RivA6wulEApE4u4AQpwfibRSB8Z9X18LWxfq_z2oQQ9k-lT3yLUWX0YHSQZ3nbXMEg0303f5d6eP7M2YoTv0BmZulZZnlX0Q12kHr5UfVc8P6Fa-FmmvaOlBpV-auR1mWtNdwLsH7592WbgjRTr1kSu1E5_lrTt3V8F9bQa3VHPF0D-NKKHOoBJMI7Sd50_AfwGuuBjLs1ePG7m9UHcWilM-eYT6epr7xIhVAMbj3ir7ogyXrWCLIZbEQZk28J63kBtGmbzDhKLEvm0zKJmWUXRuQCJJ4prL3FaxXbc82pDunuBnkHtB4lDP_x8D9YxTTojUxIk_1y1sMQJQ09q4GWk08pXcVIU9iv8KzwUQ?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
1ae7ac463e28311689703ffa2ff93c88836fb7807fbb7b980595c4d6cd295fc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
904
expires
0
zvaZiRbhWRYAb-2vNXuXurk85sp8FMYYIiGQe4S9Nc5cU4VZ6UsNTaTiOIpQWQ9bontjk-j3K2m2LyUIUAjrWcKcMxATTYeOYO6dGieApN2jjpTGGgr8CMd0e700QAYz1u9vW9iId6F55JvWEH94dGIBx_mVhYMTBmKODmr8W4MpKZxgzKcj4A5mP1zFT6WPatJJX...
serv431.com/ 		795 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zvaZiRbhWRYAb-2vNXuXurk85sp8FMYYIiGQe4S9Nc5cU4VZ6UsNTaTiOIpQWQ9bontjk-j3K2m2LyUIUAjrWcKcMxATTYeOYO6dGieApN2jjpTGGgr8CMd0e700QAYz1u9vW9iId6F55JvWEH94dGIBx_mVhYMTBmKODmr8W4MpKZxgzKcj4A5mP1zFT6WPatJJXSMIKcWa7037NbupalMUCyzlItcUiQnFRy_TcW1O_y5mAehm5aFMuYz1mCIQ3MTHbl4aZG1E1a_1i5fDQmWs6h77-5af6TDtfVT-vdq-EX57PT6-E3s2Hl6t1dPLNpZXGVGCnmf6zgJJHB-SOcTNyy-cdKaOOozX9GmVDbUMTnGAv9OQxts8eh1F4zpScb2XIy4WaiJJW038tldDzklsFTEhKnjEYbGYzD6hhAPkFzCwrFev1dlPE8lnLuWz3RQYk8BxXTCwf2cHxAloYKoOsEViS517SLV0xLFcQ2WzJQMVqhK2DsDXcfErZX_gDIoP5p3ubkeFl9fdpcBxGQoF8of9jba92ov6Q11tLG-R3dxF1GWa-l-PPRw?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
0b03ca894c649ccec6bde622887983b0231936d740b46cf9a4e0919eecca75b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
795
expires
0
zYpEBMnPK9D6RKZm7QAG679BxEie8uH-pSNJxErO6WAwWLyw6BJ627875gu45wxE8Mj5gnKdoxGzLioz2vJRnIgK-m_ve7cl7jYfgchwkfGGhktmQ9DeyMtCrqsTjztKymfjcJ-RymknzIduvaui2UW5e2XnW7gf9K6zMbUKj7CkbO24ehvnSoYtIN5B1bU1-TZV5...
serv431.com/ 		939 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zYpEBMnPK9D6RKZm7QAG679BxEie8uH-pSNJxErO6WAwWLyw6BJ627875gu45wxE8Mj5gnKdoxGzLioz2vJRnIgK-m_ve7cl7jYfgchwkfGGhktmQ9DeyMtCrqsTjztKymfjcJ-RymknzIduvaui2UW5e2XnW7gf9K6zMbUKj7CkbO24ehvnSoYtIN5B1bU1-TZV5Hobc-DcsK8WpLYrH6inLU7z6ScrzhIG1uB4mrHTWMtB-uI193aNrRaeYh4qVkcga6b2oJbTy6lbhvLiV3T4SlQdC9QKm75DiOONWrFAGsM4bCpzW5wsQzpb6uq0nh-_dyGrOJ0NVwoH4571yzQDgzs0Bf8BXOAmlEC4Eb3JbYdtJloie8mYw0ecdjQxsSUwRWzvwBYU0Vr5Xm2X76eCuVK2scSy1lohZHMklsfvxp2htPH59w77IwKrgfy3R8gqwx_GbDVVGRvTGHernK2Y3n42vveSIurb_7-FK3NBEF8JxgWg13xEBmtHMFyChRUxovEFvKI-D543DmVib-f0J70-0j4u6lfsIfGFm9M4ydAAjRGK1w-DIEw?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
e7f586d44fb5fde7cbde66bc458d5be1ed0b98663b9693da824f68dd5bbbb540

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
939
expires
0
z-X6pReYULu0ASv3E0867Le51S6MR5lNyDtKOuInDM7ofsk2L6lR-S2WOyp5wkBIYbvCHQh26V5QaKGofSAJ3P3UpanMOEfBLaWHHbarsgY5s8KwCPZgCouMsPoLY9EvUSOF_bEb2pbrkg4SfezDCzvPZ8MY9ibeolW2ZW7a3xK35ylnL6KZU32ev3yEj71FWJjcI...
serv431.com/ 		850 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/z-X6pReYULu0ASv3E0867Le51S6MR5lNyDtKOuInDM7ofsk2L6lR-S2WOyp5wkBIYbvCHQh26V5QaKGofSAJ3P3UpanMOEfBLaWHHbarsgY5s8KwCPZgCouMsPoLY9EvUSOF_bEb2pbrkg4SfezDCzvPZ8MY9ibeolW2ZW7a3xK35ylnL6KZU32ev3yEj71FWJjcIX1C7r8d4I8lxZhupuYl4SZX-Zh7j2rtyVuwLRFa5vqi49SBRF_sBrcDz0gm1a0ddttIsM1ADb5U8Qgi5nMafMjgL631tTig9IzXVbwvdtXBTNHsl7b8GEN_qQbgrqZ9VNoaNCQijZMvh_ncJX_L3VYxYEMU-P0qiuSVDSAKbBnbKyxDI4iUEgswqrTVClaRedJOjK-ooEHJwXUDJ54Iqn1_PC2nVZGM_ikOxLwFuqGE2_OX5_BiBm1YUbN9zBSaZicjWTCycCsZjxmwberh2KIltGpQem1Fgmu7rwEQTMUmOXinuW1bI1Ka85ugC_6pupkYj0j5M33-bsSyBLLDLrXsBt4Am2aEmkNdbVgtjkvx3TTDnz7SdRw?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4ad6abf38a888134b6470fbab8aaedd5dee0b43ad7e4660fa3fbf35fd46371a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
850
expires
0
z6riblSvS4VAPjGO_v5jt9W5cWkcrr7Ks55AFkG65mgx5Hip2TcSnnQz0WM0BOln-S7sQ5XBO2dhWaWDGiyBU23_XAViQuZQ4Ox6j-4WYwdpaa2x5_RMRaV1kzedgJ4c7L6Bu8PRFFNvsWfiWxyAHqlLXkniExRi4WdXhiVU6dOosJhvtPJHVWgPOS2qYvDl7G8T1...
serv431.com/ 		894 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/z6riblSvS4VAPjGO_v5jt9W5cWkcrr7Ks55AFkG65mgx5Hip2TcSnnQz0WM0BOln-S7sQ5XBO2dhWaWDGiyBU23_XAViQuZQ4Ox6j-4WYwdpaa2x5_RMRaV1kzedgJ4c7L6Bu8PRFFNvsWfiWxyAHqlLXkniExRi4WdXhiVU6dOosJhvtPJHVWgPOS2qYvDl7G8T1QVMW9_v0ZBgIzWVB4yGO43DQb7xkcyy3cfxtjlmdqRfCvk_BoOxCcZeOu4cHUYUJA3_q6ixf8yeOb6OYZUQxczxpJyxXfv1Wplw4i-FIs5sNymzVo3WK7VGj9a98EYU41R5-YiaaBIdmB0WojvxodZrEtveP0eJ907po-YGTob8pTsEVSj-U8VDvioDnt63dslyz5vkIzFmnxuo8Ox_gMN1aEBYPqKUyMhnE4tuUllCoTunrZ2vo5OYSVinV-wQ6HYoz11DDY-ge705PLCFRiUl8Yi7t5In0nqR4oQ-QMn0_a9BpItS2NojcnxcxbSxlSI37Nz-N9Gd3hHCO5CSUhpRBpw6hjsve45ozlqnnSRQmTTKww-HJRA?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
8714b2bd3f49c7a07bd1b684237573c6c87882c11f4c23ab2169f775344ebe46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
894
expires
0
zbKkPPLF4eZFF_wD9GIuF3KbhSb03GG3QAdrqA-aoIHoz09XzsSSMOEMGnoTr1Vhy6gwMXX8avVOQWkhDQXmOyLKASan98PuhHR7KO_ZRkEQtRowEAmhizlkLdx5XGI7-nAWJB58maQ9SC5WqKjTxaKEGtl8XORdAUK2QEZyU8i7T43smpcPwnknDMsQvGHtpXWJ5...
serv431.com/ 		872 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zbKkPPLF4eZFF_wD9GIuF3KbhSb03GG3QAdrqA-aoIHoz09XzsSSMOEMGnoTr1Vhy6gwMXX8avVOQWkhDQXmOyLKASan98PuhHR7KO_ZRkEQtRowEAmhizlkLdx5XGI7-nAWJB58maQ9SC5WqKjTxaKEGtl8XORdAUK2QEZyU8i7T43smpcPwnknDMsQvGHtpXWJ5QKyZOxe-7JBGrO-TUOkun38t5bOiM2u5kO7sxLMOpkozINuHexxFIxkUZyOmFxKcgnThB6mWR9IJXe7FQgI6CalZ_tLxgNIBBTRTNGCPxRVbyZI4JOGHyCqa15las39oXn2K1egsWFXnY7vrvhmwsm0BS9CC5UeFKa49KmzBbHZ4oPDW11BVWb4LSWVBMErr1VZtTb2OUmFmrAF0GGGshK2F8EHFtAwq5YWQhNoZrti1TBFMqoGQQ-L2PIR5VvJN6ey4NdLHluR0nRiya5boZbloa-QApt-VJnaIA2CwaY3Jgcw3Bk6COvGr7xTl9zNJTSmRGt6QzBuh5WmT8p9tQyKT0qVGGgd6ttCwm-7FCV0hGmGzxOXKRA?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
24cf897961fe121e20c0bc30c494caa28660da505956033b29b3bf9a3ea6081a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
872
expires
0
zznOWiRIdRnWygnP92dRT_MuQ36grblNnt8IzqTezncqlM8E0zdo95Bx6wRiDlX2-m0Q1UMFUtGXTAoq6XT53cKss2zik2yQ-YBhXz_p2wFZQG3sLNJRXgLW2ovE1A74d7LN7dgUd-aEG4ZM3XWEASzXmlDgFDk8gdSmowPUlV6pc-U-KDlZSQjKOD9kE-dTFhvGP...
serv431.com/ 		872 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zznOWiRIdRnWygnP92dRT_MuQ36grblNnt8IzqTezncqlM8E0zdo95Bx6wRiDlX2-m0Q1UMFUtGXTAoq6XT53cKss2zik2yQ-YBhXz_p2wFZQG3sLNJRXgLW2ovE1A74d7LN7dgUd-aEG4ZM3XWEASzXmlDgFDk8gdSmowPUlV6pc-U-KDlZSQjKOD9kE-dTFhvGPYHwJ9YYj4CULZHo3glEo6iwuHEmgfCPHgdT5dQFXO2iZ_7I2CIOl_1ffRTw8Dt7XKU9ffj6DbvDpDUEW9KjApV5_kDHdpqZj0Yazpw0y-WDHuU6uaYEZCYUpGAqGQNDCwRbgiAGVdauEu8ysFiendYw6hObrl9tuosaKX2KKLc-dYN5MwxIW3Ru1_qByxLIGRwguYbi8XJNupxSCTPPwFZ7UByb4R89p42A5W2aU13Hh8dIv648hfMLhwi99UgNPLVCivAPaZWZARZ5Yy18V4IYkIeVMgd34Z-8TA-6dEOTjWM7KOC5-MpUOPrCxTgHIuJ2T0ZbSZAT-TzeB_Tu4LkhaOTm03n_GhrUg6dQMpqN2Gje3xOHMQQ?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
90be87f0c2e557bd2a8773a879553fb3c4c983f88205dbc3be6b150a20e93c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
872
expires
0
asyncspc.php
ads.gazetaexpress.com/www/delivery/ 		690 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.gazetaexpress.com/www/delivery/asyncspc.php?zones=33&prefix=revive-0-&loc=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7522df791a4f3a4eaa6634d47b6e2401a10f3554a8b38172fb2bae898f0ab709
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZT9tSf2m6ErnCuNwM%2F3036UGscIJDRS9lS0PwINcqmDct10qdC9gxOmHwYw6IlA61W9Zi5ovDJ%2BMDK6l1ixNp8370fudLjtkSCNg0HxrZvTHAwkRCJ%2By57vlYfbouOhQKxHYMN3dFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e285e7f5d0f915e-FRA
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220221&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3372b610f4a56022cfb6a33c5c497fb832d4fb48ec77301a3d6251028b4b15fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9738
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FF34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMIsQYNx2EIoQWcUYaSN8CBFYR9TyhjeqI5R3zfO7VlMYH1oZK4_s11lGiORkCIEBic0dLVh1uKukkrfl6Rv5eC5d6CJYrjhryZL3Y6ir5n06g-o0l_Px0SoZdRspksliRi1CdpC32h4zaB4HIMVnSy3E26_6UqZ7Zbo0PUktmGOEBxwWSYWTooBCnGlcDmOWbf2Lt5a34OhWGFjz5TkFv0y9w51lschhJ0BFMsNBAKo2-rEQ0qk-P50APz7VWO0p5U7F_RR56bWb06BBcNRR4AcQqPnEJTlVGClKQAMXiy5GgLHDIagfQAd7Mdcgon5hFgA&sig=Cg0ArKJSzJgcCibKx-gzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame FF34 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
9296
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA, cache-mxp6920-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e285e7fbd4483a6-MXP
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF34 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Feb 2022 11:31:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 37FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYlm-5xYatELenH8_WEawVZNRGIjbEma3iMZOPEurbna4EL1ABpNWymt7bEW2cNsKC1PrsOOrIHRv-xlA_um_AZSuulazsfKAgL7DaZ5i5OETp15b30NCmmJylTUgtX3Pfs6hK7f4mfry2FzC3t7OeyocNcsUcVWVYB02lGRfokD-2frGyWIhoeMo2roW_f9Z6lkzlFIUoXxC8Y4Z8A9R5LBuX-jLjzWZ-ft0TBj6UAcdc7rsdlhvtdeMREmeAQgyeDzExdyQRZ06ZLpRbRLH2cn-1F2loMOtkX9IKp5kldFcsQyWCRMeGgXyJF3WyZYlUkDLQL0M&sig=Cg0ArKJSzBRbalwcXrjXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 37FC 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
9296
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA, cache-mxp6920-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e285e7fbd4b83a6-MXP
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37FC 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Feb 2022 11:31:42 GMT
/
ads.projectagoraservices.com/ Frame 0196 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Thu, 24 Feb 2022 11:31:42 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame 0196 		43 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=8&campaignid=3&zoneid=33&loc=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&cb=c559ad7b38
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKEJV4tGApKARc83ZMltAYhaSDEl6vfdnzrnwftEhoBYy51d97ADO%2FMQ7BtCcHybEjX7I9soB3n3PtDCqEpk6u9JzQx4h83ETa6iwr%2BmcMqcwXoyvUZwjdlKKBaf4J45dvl602RQtPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6e285e7fae28915e-FRA
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com&bust=31065255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Feb 2022 11:31:42 GMT
horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
2473
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (mil/6CE9)
Etag
"29cf2e2367fd80ea2a4908fe0d316028+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
/
ads.projectagoraservices.com/ Frame F665 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Thu, 24 Feb 2022 11:31:42 GMT
zJZjn_7ltel6nvT0lv5vXFPCLnw_kgtj9P1_fLhCz2HT34ULC3JcUMDXM-NT_lR6NkIMoPf5Lairmjtni49CORHTxMQoZtiDrwA0p-zRcehNERwunOIh5X7PJ6qYpfCASglia3i5kVoVHjAFvOHH8SETUB19XHgwbM4hjijJvpz37h2asCDxKfJquP9jUw1fa9wv1...
serv431.com/ Frame F665 		43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zJZjn_7ltel6nvT0lv5vXFPCLnw_kgtj9P1_fLhCz2HT34ULC3JcUMDXM-NT_lR6NkIMoPf5Lairmjtni49CORHTxMQoZtiDrwA0p-zRcehNERwunOIh5X7PJ6qYpfCASglia3i5kVoVHjAFvOHH8SETUB19XHgwbM4hjijJvpz37h2asCDxKfJquP9jUw1fa9wv1RNM4kTPbJ3GF2d9krBOcUbahecVZo-cNW4UfhqBoisycMaApDH4EdyO3kGtHSj1eoq7htW-2sqdrMDhegMX8LMjEH5wqJkqFFajGnPoM_kDhygduF9oMcAZS1SES1wRv-KIZrRYGp4msNP-gf_BXvdnbRQtcGy27pkug9ZYfrYSoi7erJ-2qrigJvhkqvxXuwT1_Dy4sCiOWeyhJP37lJOfvUZGSPHA1?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
index.html
www.gazetaexpress.com/webads/onefor/960x200/ Frame DAB9
Redirect Chain
  • https://bit.ly/3HalLG1
  • https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
152 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b662abc2f7db1bd3fba0173f6d3975cb4e5a6b5aabffbab8d3f9a6c5980ec9cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
text/html
vary
Accept-Encoding Accept-Encoding
last-modified
Tue, 22 Feb 2022 14:58:03 GMT
expires
Fri, 04 Mar 2022 15:06:37 GMT
cache-control
max-age=864000 public
pragma
public
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5SmUe2MioNGF1E1t22M09BboiLWtk%2Fa0BNjIe4HIk%2BJoVTS0GS50qrRXNDCGKx1%2B1yo59Pex%2B%2FcIitXXcZOdtkqOghDJLEkcTedC864DP9dUkm5GyVAc3mR4hK2%2BEe3AfM%2BGgrJZSw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e285e817c24915e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
text/html; charset=utf-8
content-length
175
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zzPYwtSKoNCAsBqFa4Rf4jHCLP7H4MnjJn01O6Ar9dydf2M6YpXaIhWUeK-ZKP6ttb1zChnx5QCIlJ5NSgZgILHhydlKjKhTkMvNqeL2Lcm64USsLp0XIxDeApcxapkf-NOJaCS_Fq-knguESLh7vBVONvQpYcpVn3GPk6z5K-ucqEHrUMET4fquGWVvBGEApN6Fr...
serv431.com/ Frame 0811 		43 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zzPYwtSKoNCAsBqFa4Rf4jHCLP7H4MnjJn01O6Ar9dydf2M6YpXaIhWUeK-ZKP6ttb1zChnx5QCIlJ5NSgZgILHhydlKjKhTkMvNqeL2Lcm64USsLp0XIxDeApcxapkf-NOJaCS_Fq-knguESLh7vBVONvQpYcpVn3GPk6z5K-ucqEHrUMET4fquGWVvBGEApN6FrwzOTpVpm2LsslfAEbtp8TIXhT9M74zR6EA-SMcDbrN9l2NSSZxedUriWbnVx_sJK9Ow8yvCwMpwoJF8B0tm-0Kg0pZs9JVNc8k0-qG3cQknJ49KUYNT9yDoxSH3mHZ6oLpkSkvHrBhmp9OPRftGrDY33flWNZIO_4oP_hUemvPzpPc5qbjZsXeX6z52kmXEGqwlEP7sGs5Fxcr-5KbUtnuuSp7Yra4JoBg?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame C98A 		159 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7234154a31ead4d0cb049ce3f167a43cec6cbcea8df1c6563c364df8355b2a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Wc6QjJkWO_GOWL9kxXBKq-f6n6N6ZnFRQRdNJpTEtbX9OP25HN1A0N79S9s4VMB5TAqOmGWfY0VlfnReIpg8n0ywKBsLMSv2zMBQMTLKiuf4saswhTH5p-7CVooE-BzbsqI9DkHPUQXJkuWj08-Ruo0I_UyBFxm47pHBH2tCjSmyIm1cUApaC3HtgUV1JJNDGUSYHA7oiZccAEYdv0BXT4Yd-szaJkA9Z_hrHxXy4IupQfT6WqVJtH5PilBqT1SxLn2moQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
141523856
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 795A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Feb 2022 11:31:42 GMT
Connection
keep-alive
Vary
Accept-Encoding
cff0b728-e50c-4078-b5b8-ba66e0ec9b4e
beacon-ams3.rubiconproject.com/beacon/d/ Frame 37FC 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/cff0b728-e50c-4078-b5b8-ba66e0ec9b4e?oo=0&accountId=12398&siteId=59924&zoneId=2177830&sizeId=15&e=6A1E40E384DA563BF5FE1F12FF623E130BEFA062C03F986CCE664EA369B402A547F6641566804182C1BE90A5BFCA91476256DD5F6373094813D3B289165F1656A0E9EEA6EA7A72DFCA0AE3EB89135EFEAE544D7CC2D0A36E3AE237281073A2DA5C7A57EF1C65B55B4451D04BC0BC7FE71FB5667A2C1A7C392214F2B901D9B41486E3225A044F3F58EC8216FA01409E7C5EDAFCA9BA1610B0002C58CEFBDE43405EF39272D65E63A8FE78488ADCF0CD25CCAB3A7F93DE7775FF4D4FA1787557BAD246E8D2AAFB2DC39F0A7BCBA6585FEB96B6EE7180FF703355DA337C671AF4854541912EDDA6A9BE65D4EDF59EB95BD66461738BC16D62F3975CC3FFB99355441129234B728163A5906F7CA0C0317775B330EA039159D812238A5617ACE27A520A73C8E30D51A50973B0614B54FF867F7F3303E949B1876CEA02A0DA09AAE32AB13AFD21788D8172BBC7057F583687C0F50999AB7B31574D1436D9D064197CBC9C5477581F34BB3A7CEC489ABF1A9E8AFD9370BD08FCAF24764285D96C90FD3D09E240CC919FF1E59A3E39206A59143614593209973120007B469F43AD7A0EB5B4CB0B33FF800ED90592E279317288711C4F6ABA77246B7CDBC70F0CF399201BBC43897621FAB0F25AFC3555AB891FC85C11A9295EF753CFC0E7B4F8BA1303B069EC07E987E6E624EE0BB61AFD0BB978DF0E9C32A65259D504EB67CB81AC86CA8A766069C7BBBA59B2215B3291F73A50768D9135B929E1B73CD92EE6EF43E37845934A7ECC952A5F3A878CC961022E48A3F9780FFC1FD24A036658D2751B70B6DC2491E4B67B2866AE6AD1919BE8D91E0A4645437B26C2C3F1CA1D67F7645BF28B6BE3D3C7137286D386DACA940721C027E7757C108CC9856AFD10F36F44D37909CF8C5837F4FB8D55C4E54B8B419F1FE82A954C1004678A
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:42 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame D9A1 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2f8ea8c10216a9a78eef90d00132a5164eb489cfee86b08ebf461819f376469f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MMZki5kWO_GOWL9k2o3WKzSlvAU118Jb3rcUiTJwwMx_idHcfTMKVh4s2ywGVC-YiF7qlz2nqqzkJ3MaCTjLCJ0yMxAxRRIrrr4hDwHGQDnAu97czrqU8LaG1r7nKJxy-j3soZABN7D0KYiY0tT7sL9wFJwuy7vh5Zf22xx4ynHCbR-ozX7qV_biJiZzLfF56rD6NxwETE83L1NxH_om-UAYnmZW0yc-chvMzMyDwZVxkNE2VTZ0qGvzoUSWB7WCD0ZD1g"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
4300648
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B318 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Feb 2022 11:31:42 GMT
Connection
keep-alive
Vary
Accept-Encoding
f4c95647-292a-45a7-81e2-027a5cd018db
beacon-ams3.rubiconproject.com/beacon/d/ Frame FF34 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/f4c95647-292a-45a7-81e2-027a5cd018db?oo=0&accountId=12398&siteId=59924&zoneId=2177830&sizeId=55&e=6A1E40E384DA563B0EAE1DCAAD1F986725D8AA8ABE2DDA057111F262AACCA926D1F69D3B6E056EF5E90422AA3FCDE0BC6256DD5F6373094891386362532BB745A0E9EEA6EA7A72DFCA0AE3EB89135EFE9D8F8125C012492459E010DBC308615454C0C6AF59A0411A9C71069096BC02B44B969E17A824A6431B592CF9B824A48B61C6D64C194DDF65516DEFF061DC0D1731771AD1DD2994AF6D36754BDC8FDD77B3AF82A215C8FD2467D6E163590116D047BB6972F4F46E0E6F1467C84A82C84798C83C6C5DEBBA7CF611CA9D2358ECB76CE72BDF1A76F602E88C7C2EA659FF21A358CB223478C1121F16F76A0318B370C0A267B24611F18A3D0ED5E305646D227580C92FE3B87B94110079C50D0857861344FCBEA5386382D2577C27F6C55D9B7A7BE8ECBDD64B51E390EC75E8AA6EDFB9A22E5897474E0AAC3CEEFAFF45261281033EC49A023B8FF0161F587A99C8F5FC855717A095A6064D7295156A861211A6DE4F409228C7B4EC5453F8391B3DD8944811AE53E0030D0694D98F177E2B4C33611777F332565AF77FD6C66DF5F87876CF78A5A0FB0AE26B007A4D88FF2CED547DADFD308293194FDF707D9D3ED77D37A0C7E1235495A8717D820721E97647CCCB9F84E3D583547A9EE579882AF9522F49E876AA3D193AFA428C536BB47F0D92BD0C6956167FC81364B154622EEC50A5475651CC12ECAEA5CC4ECF1942F67583DE865018BB0609D28BA1EC37C5DD9A4A76353264ECE5DCABF3DD16748C8528BC29C7643D6CD0EED03D670FDFFDC574BC865CBA9E2F4CE4C1F179C99571221D5DEC3E13DCC7A206C78E4C91F4832CFD54A289113C7DD83489474AB2DF4EA065C9C49ED48CA6210A4E6FC96756E5E57184B0BF495D52CE7515311988A06017E73F99ABA011D8F6C89947D5342EE80D4E18E7F5C3F21904F1E91EA33B05041E7E
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:42 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FF34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssKz0_7qcb1za3ndKK1ew_KO9C22nidqi9RYBrkZZ9J4h93XPgHkeLHW9bJRGw28Xvw9oiMjCDud2QKm49XBZbF_XurCMLuISqFg_yb0wuLzVQa2KK8yqtFXmS4D5LPhIraAIVyuLEss5UiH0pwBvXcfjhXWxAg9dEHuUq1KdOoo22uBxe_Xu3HEtcJiJSSb7OPNupPqeOMeGeqkQtbriTbyp9PXA37_m6vvAaVZxP-c9Qu8AuywpmNigbNre1ELH4jHv9oguRiQfvaekMPbniUb4Ll2s233LW-VpVOdHSAYI9QsxhZwz-bdVBzCOeqNqfluqw&sig=Cg0ArKJSzOvu28r4GfkeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 24 Feb 2022 11:31:42 GMT
truncated
/ Frame FF34 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3ae011ac3adc48e8c02bb9d79eec321b0cfaad5509fb2251a60ff46fc7b1a13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 37FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusZqTCtsbL9pgfS8M7i2hQvdguAugyBvSQQ0uMaFlQhD09Ka6hYDMhrsoApfIDuWLrrnDS6c9as8e-W3xJb9OCLBG1DYY5TD0SXTTv15QPM6Nbtmf3TpDE0zuGS-M8lEVuPo8VJQAc2JT3cveNuBoLFB6-HC37N60s9eFtOyccsBMEpNswSkMjohiM1gcE6BowTzOEWLywEhpy0lr_tn51OtlC_qzSmxFso_n1zTNfDcPQwDxZLzJHJ_b0zDPobjzlRLNERJ6bxkX2MVcKevdomZ5bwGPzh2n2x4LCgKBDGh5773O-39Y3jcb5uMPUzHYDU95PktAnyw&sig=Cg0ArKJSzBF1HsDwiQEhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 24 Feb 2022 11:31:42 GMT
truncated
/ Frame 37FC 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1df83eb9624e35368aa45d450aee4971a08d43322dfb94eb368547a7b379f977

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
pv
bisko.gjirafa.com/ 		68 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1645702302800&guid=0c31c211dff94448a9f18d56950eb8616ca4d03b274442d6841e45d1d5f256bf&sd=e50ececc0bb345fa88ff1195a94da500&c=%5B%5D&tg=%5B%5D&tt=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&u=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&r=&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BhZ06kLaA5cp2LAy%2BvsUudIl8lMfWqE1lz3PEAsRV4NTMjdMfAzAPBOP5%2BkI9KrIOuSzVM7dwTWzY7KfrPOJ6L%2BT%2BtWUXb4aFI75H3aKgFQBcYco56aaBFemdC9rMXlMTT9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6e285e80ca9d5b2c-FRA
content-length
68
/
www.facebook.com/tr/ Frame AD3F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.gazetaexpress.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Thu, 24 Feb 2022 11:31:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 568E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Feb 2022 11:31:02 GMT
expires
Fri, 24 Feb 2023 11:31:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3A13 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97ed3ad479d680ecffc4ec8911b557d0ebdc081f79530a2a0fdc588dd62e69cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5otttU8bl2MH+3C42HaiEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 24 Feb 2022 11:31:42 GMT
date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5otttU8bl2MH+3C42HaiEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ads.projectagoraservices.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Thu, 24 Feb 2022 11:31:42 GMT
zJR3OIukOkUvXDCmYhCfw2TyDDXjqxvPFL3pLXTpqlNXyqSMQrTqgv6ZSpgfDmFNeL61_RWk7DQBv8TYsyHToXCEmu5wX-PRgHbQNIm7VzMk7keE2w16uhPx_LKXdfSaE9RjMy1dkfG8Ns8FBQh-0opVNCPj4hMt3xkrH0hKsqAKqD09Okxml7R_gZngWhCKmEPwu...
serv431.com/ 		43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zJR3OIukOkUvXDCmYhCfw2TyDDXjqxvPFL3pLXTpqlNXyqSMQrTqgv6ZSpgfDmFNeL61_RWk7DQBv8TYsyHToXCEmu5wX-PRgHbQNIm7VzMk7keE2w16uhPx_LKXdfSaE9RjMy1dkfG8Ns8FBQh-0opVNCPj4hMt3xkrH0hKsqAKqD09Okxml7R_gZngWhCKmEPwuXOvxE1E8TIICMGTpffs0k94cTzS1P57e-14u4gsFL0PblOEIsmhfs-TMlsoZkARxY4_MTK3ixVmIqvOrqexxMj37lgT7IurdPiev7h7DUTAbwXD_FSpGqjerPkII4dGKn_Zw5st9MRPEnRjS5kjG-bJkFtTQaxZWxGrN2nAnp2eKyXIW9tyZlUroxvkUQffLWJ9fgjDQW7BeJTv36CEUYGOud9srB0h7Lw?DC=WZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B318 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14529
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9760
Expires
Thu, 24 Feb 2022 15:33:51 GMT
usync.js
eus.rubiconproject.com/ Frame 795A 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14529
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9760
Expires
Thu, 24 Feb 2022 15:33:51 GMT
/
ads.projectagoraservices.com/ Frame 6BB0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6751
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
b18983695372f4a79f7f99b514ffefaf9ff8f1bc359bc8ce59ee024638145c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1420
expires
Thu, 24 Feb 2022 11:31:42 GMT
zm6bcXK8JvEpi_3AVFRFewFw9TjtEs25gAlmLdEeuTPkNFUrpe8sA6EUnjdT8atyDhQh3O9sK6LcQWGoEmirKLmbmf6kgCVm_aoZrGDanIIvXbGLtbybYemme3zm0PccQmMkHQFzD4I23HjBsrYl9RNJ3CyKWouliBUAI6nl8dQ3Ma-h2e0Lk7yXlvQuDGFZrOczw...
serv431.com/ Frame 6BB0 		43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zm6bcXK8JvEpi_3AVFRFewFw9TjtEs25gAlmLdEeuTPkNFUrpe8sA6EUnjdT8atyDhQh3O9sK6LcQWGoEmirKLmbmf6kgCVm_aoZrGDanIIvXbGLtbybYemme3zm0PccQmMkHQFzD4I23HjBsrYl9RNJ3CyKWouliBUAI6nl8dQ3Ma-h2e0Lk7yXlvQuDGFZrOczwAT7xi54J3lhbX2lD90EAKRytDszZasUUMCKgNVcaruyGyL81CD6-qTrmO5DCV3k03qX78b06oxaOa0s-3wj2t4ReDJfgbHHlRZ5lYanYnQXhZaXA1FwP9UDGfRz68zMy--XDeyxrSFDCZmHn0C9VoQXjLCTBaZoBAuRfgfggyROyZTd8IRK6mLQ_b62dgPEzHe-zsJQ4HRs1WhzmQfX8jMyIM0ZzluEBbg?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D9A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D9A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D9A1 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 19 Feb 2023 11:31:42 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame D9A1 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 19 Feb 2023 11:31:42 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame D9A1 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=H5ef6kQAFJEiU0B3yolbLY_OB0pi2hAUIU6ueIPxNp0CtxxhhYMi2DhoFoEm2vNjcB3ZS4CC8xqQ9PEhwCsSunShU0Wm5afYd6A95N0SYyZDShwFrw-JbK_jICj_MNFS2OTCis1ZmBPc5_Q-n5qOvV5bkOv6LkXJp09ZzbXRvHyY1n9J72Eaq5-PMcgvjb5sprJV7co-mw6xS70qdR73THyxGxvmCIQE4UQAH1JZqZPzaOzLC-vnsBPQY9lAqnVrBa9Um16pZXLLJSEY5vs_q2cYKS01luYGQO_JjRZnHBWBf-ZAHqCyphvKYPVYmJhklEVZTnJB13PzOib9wZVAvOIF6PCxGqhbl4QTq9vURjU3OiAJ0MPIwcGObsvmn7pmfJGKZ_sFMTC1_q2HGJI1E8vbMifxxUP9NZ5qea5SwkJtow7vY0KbtgCYf2-mGadeRHI5Uekj_zAWjnVTWA2jfoDi56o
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2969477
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
1584887b579e48bbbaff930390324610_image_ad_970x90.jpeg
static.criteo.net/design/dt/90764/211109/ Frame D9A1 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/211109/1584887b579e48bbbaff930390324610_image_ad_970x90.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1a453f6aac4f037d390acfc4fa3c8b1968f45fd9c69112e2abb5cec9976905d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Tue, 09 Nov 2021 08:26:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"618a3098-e595"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
58773
expires
Sun, 19 Feb 2023 11:31:42 GMT
Tweet.html
platform.twitter.com/embed/ Frame 5395 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
71c6f3e864d451643c25a29975e188b2431d080c7ea2c99b1bbade1b42c67f00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
173
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Feb 2022 11:31:42 GMT
Etag
"dfc78a09686da6e688533ffdb8515a70"
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE7)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
dis.aspx
widget.nl.eu.criteo.com/dis/ Frame 912D 		28 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=62176c9de84b74ce35be32c782650024
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/

Response headers

date
Thu, 24 Feb 2022 11:31:41 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
3956486
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
all
csm.eu.criteo.net/ Frame D9A1 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MMZki5kWO_GOWL9k2o3WKzSlvAU118Jb3rcUiTJwwMx_idHcfTMKVh4s2ywGVC-YiF7qlz2nqqzkJ3MaCTjLCJ0yMxAxRRIrrr4hDwHGQDnAu97czrqU8LaG1r7nKJxy-j3soZABN7D0KYiY0tT7sL9wFJwuy7vh5Zf22xx4ynHCbR-ozX7qV_biJiZzLfF56rD6NxwETE83L1NxH_om-UAYnmZW0yc-chvMzMyDwZVxkNE2VTZ0qGvzoUSWB7WCD0ZD1g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D9A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D9A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:42 GMT
embed.runtime.496916c603a0177546a8.js
platform.twitter.com/embed/ Frame 5395 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF8) /
Resource Hash
ea0414a93716ed509a1e28d7f550372205a064865dcd242649f3fd042b4bcbcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
4454
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CF8)
Etag
"4e77bdd0b7c00de1b35488ba9a08f6a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.aef85bf61d706d7edafa.js
platform.twitter.com/embed/ Frame 5395 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:42 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
171389
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CE8)
Etag
"b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.293ca00a272b34d032a9.js
platform.twitter.com/embed/ Frame 5395 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF7) /
Resource Hash
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128122
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
792
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CF7)
Etag
"22e04932e731bc174868c60c46980c73+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.01526928584811c90078.js
platform.twitter.com/embed/ Frame 5395 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.01526928584811c90078.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF4) /
Resource Hash
738fe0e71d37d6599ad5e289e43714c6e9b57231321be9f4e800727c73bb4850

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128122
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5560
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CF4)
Etag
"599fe282094d883e546f1dac4291ffde+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220221&jk=3415778849521025&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
pagead2.googlesyndication.com/bg/ Frame 568E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
1607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 11:04:55 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C98A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C98A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C98A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 19 Feb 2023 11:31:42 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame C98A 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 19 Feb 2023 11:31:42 GMT
ai.aspx
m.exactag.com/ Frame C98A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=jakoo-criteo&extLi=261496&extCr=569_1&rnd=62176c9e6c2162c0b3a769ad903af06d
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Do, 24 Feb 2022 11:31:43 GMT
Server
Microsoft-IIS/8.5
Date
Thu, 24 Feb 2022 11:31:42 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.eu.criteo.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
569
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C98A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ja-RQGtcCSogmoFcpWkuDdMHz65Mm5L97b2lFL510CTqs8uvZUiZsR4HXFLYuo33yq8NcOTb-WI8nBHPn8HJ3pkyp3rpm9zBTMy1tf1a_7x72cugDf1Pap-9K3laTATgCXtb2vSRJnO6q4pMyvbHO6e0vpxr_Sp0qq89OW2_134lYDqxUJca7BMmx5z_C3Q6-_yTyn9QG8rAXEkgcIDPnTlBw1h0r0RR3W5DzEZHC-LhNVE6KMUJjfWXYtuDdVCOI8KqYaIb0BBD3lxwGuyw8GOdOjC7_P_otfnyDYzu9YagHOJKDOnTIx2MO8oxe2dvpr8Wze9B4V9Wife7m2tvn_FPTx453oNhgzi13z47-jNqpfYrJlkkYQJNEnsCOL8YLl1GdunERhulm0gQY22ttkciGigWVV5jDcK5DyZVLbc4uzWMV9cTm2EvboHdxzJ4Eaojz7eYucvzzNfA0qvB-c2YEsE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3807967
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.nl.eu.criteo.com/dis/ Frame 0F2A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=62176c9e6c2162c0b3a769ad903af06d
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d765352f4b8ad1f4cac3f0c34d746a2ce01c1f5279106c6ff34cc32d59509a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
text/html
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
timing-allow-origin
*
server-processing-duration-in-ticks
6037080
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
ads.projectagoraservices.com/ Frame AB44 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4071
expires
Thu, 24 Feb 2022 11:31:43 GMT
zBeSEwdJLXpI-6oDWHixz1dZffPtfD0G_zSRifWlrdkmUuHfd2foAPmlO3Q_R25e2zFuMrq3UYewrtAzvmUVn2CUey_h41supX_LbUFZPrwJuWrVka6I9PtuLCoHbncBG1alszXHX0KhOg9VMmTx-1IpMM26tYoDjhmcQQcHWrZrvE19ntqfX52DQN-3w8P2WsGiR...
serv431.com/ Frame AB44 		43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zBeSEwdJLXpI-6oDWHixz1dZffPtfD0G_zSRifWlrdkmUuHfd2foAPmlO3Q_R25e2zFuMrq3UYewrtAzvmUVn2CUey_h41supX_LbUFZPrwJuWrVka6I9PtuLCoHbncBG1alszXHX0KhOg9VMmTx-1IpMM26tYoDjhmcQQcHWrZrvE19ntqfX52DQN-3w8P2WsGiRfxcMcL-neCp-tDpqopgFFhsXLfMTNar8XCQw2h91SCIB1KCL1PBCu4j1LB9rMVS7_vO1GQJaf7emTjjhNXckIrMPfOcpUydr_-Uf5vrZVtEp5LHQrQrxLBg3ZIw9C3y4lxrdNq_HD0MkV6AaSaPJhRaxHMAI9yIHN2rfDEYOx7btasTCp1AafwaY4S2i-DfCvVRpcDUcDgqE-PZM2VQMlCn3dN3StZUcyYo?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame AA8E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4071
expires
Thu, 24 Feb 2022 11:31:43 GMT
z7SPpfZ4ZHfzdzFPb_zQgz1KkV7l9K2vHokYoCoyRGiUlRNvPcE8spkGTeTtqOoOirv9mXIyVXilBKXFynAhI4mONhtusUYAwc1pRYLSaacf0uZYxeAweIt8yz17ZJ2f0Uvea81RZsCN2Cik4PsAFrl6wmbJMwml5ULlOvh3SxIjrGYko1z0J-i4j7Q9fEUXLEfnt...
serv431.com/ Frame AA8E 		43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/z7SPpfZ4ZHfzdzFPb_zQgz1KkV7l9K2vHokYoCoyRGiUlRNvPcE8spkGTeTtqOoOirv9mXIyVXilBKXFynAhI4mONhtusUYAwc1pRYLSaacf0uZYxeAweIt8yz17ZJ2f0Uvea81RZsCN2Cik4PsAFrl6wmbJMwml5ULlOvh3SxIjrGYko1z0J-i4j7Q9fEUXLEfntVKkkasfDKwXPE08lMxlxHC2YArsGQMu9R7SG8ijv-w-FvTaAJ9O_T6g8N4ljOEbfbhWMl4XOCZmbtDg9b2icvkleV8pcEcxid_ePSfRXfPt_mQl_SaFpEzgUqxrTmP51G8onnK7Q94PKvTAqsOVKCyxwdO7Buc-RiFaovWTYsNs9wd5-_kCN9YSK6QC5BKjiEu4bfKKMbLhz7Hj_qkPzebtbhBUvG3_1gSc?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 231E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e78a , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4071
expires
Thu, 24 Feb 2022 11:31:43 GMT
zaF21vn0TX9lXusJkPsDvVbJjWA9l1ryyBdzMx1Ok7NxoiZfvj2wbxYfFcLd02yzoG6yEmlDH-9-Uy3bHRfEj7xiN49e54Kki8wJJkBS3y2rYZqsz4ijDyeJ7fpSkGR_wKttCKhcpGmc9kC--q-eI2Xmxpj41TqkfN--mZKLxcBKtxCEP7_z_mz2Kg30CJPCV63q_...
serv431.com/ Frame 231E 		43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zaF21vn0TX9lXusJkPsDvVbJjWA9l1ryyBdzMx1Ok7NxoiZfvj2wbxYfFcLd02yzoG6yEmlDH-9-Uy3bHRfEj7xiN49e54Kki8wJJkBS3y2rYZqsz4ijDyeJ7fpSkGR_wKttCKhcpGmc9kC--q-eI2Xmxpj41TqkfN--mZKLxcBKtxCEP7_z_mz2Kg30CJPCV63q_KJHmQMk-qhGjsJSqfWeU1luQrwml8vwxvJDNnSgMCEPnFYUHKOznD8YJkUDTeNehcfEeb1-65UtIR5RriWly4NRkBnKOfxNamW80adTajiXCv8jrWairuAcqlmhQ24ZDRqPGcWXqz_ZaW8_txN-vDdVMmZAP0XcK-mYuO17Nxqwdjo99oZ1tVnKFeRcABKI7cp_q-EeTVbRS16q_zxaGEB3WEGgmh-SKZ4E?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C98A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
858348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dB4ZYWN532iYu3hIXNxB2%2B9EKWUKnYYSf%2Fintnq4Q9mboVDc1zFOmTuOgchGsxS2PNc4Of7zaKzDit2yndJPypA25IsnaHuWj5n%2FVt7Kv5P2QKg8fFna5n1Wsh9t7Nau4FXB1sOHtAJBkMY7a41n6AF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e285e820f86375b-MXP
expires
Tue, 14 Feb 2023 11:31:43 GMT
pixel
cm.g.doubleclick.net/ Frame B318
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1ZTQzNTM3NzFhZWI0M2I5ZWQ0ODZkMGViOTQ0YTg5NjUyYjUwYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1ZTQzNTM3NzFhZWI0M2I5ZWQ0ODZkMGViOTQ0YTg5NjUyYjUwYQ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1ZTQzNTM3NzFhZWI0M2I5ZWQ0ODZkMGViOTQ0YTg5NjUyYjUwYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame B318
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L00WNRAU-3-IEFM&sigv=1&esig=2~031741e51463370bed298bb9db2b584c6a216a53
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L00WNRAU-3-IEFM&sigv=1&esig=2~031741e51463370bed298bb9db2b584c6a216a53
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L00WNRAU-3-IEFM&sigv=1&esig=2~031741e51463370bed298bb9db2b584c6a216a53
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame B318
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L00WNRAU-3-IEFM
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L00WNRAU-3-IEFM
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 23FC490F6F4A4D20A6B177C78E2733B2 Ref B: FRAEDGE1414 Ref C: 2022-02-24T11:31:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYwe0vl66NSJr6lYjZTg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L00WNRAU-3-IEFM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B318
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=022a6217-6c9e-4700-8eb1-e8bab3e6aaa8
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=022a6217-6c9e-4700-8eb1-e8bab3e6aaa8
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=022a6217-6c9e-4700-8eb1-e8bab3e6aaa8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 24 Feb 2022 11:31:42 GMT
709414.gif
id.rlcdn.com/ Frame B318 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame B318
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dtKf_XoIlm1x_QZqUCYjhQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7864689773492098874
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7864689773492098874
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Thu, 24 Feb 2022 11:31:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7864689773492098874
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame B318 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame B318
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHN5VbCs9-Ha3aq8Jtpa13k&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHN5VbCs9-Ha3aq8Jtpa13k&google_cver=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHN5VbCs9-Ha3aq8Jtpa13k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame C98A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:43 GMT
2717e81d890d46738772993963bb8d52_cpn_300x250_2.png
static.criteo.net/design/dt/22718/220218/ Frame C98A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/22718/220218/2717e81d890d46738772993963bb8d52_cpn_300x250_2.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
629bf5faeee4dbd13b4231131eb04a7319ef8ea4eaf72e3e7d5f94655364f6db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
last-modified
Fri, 18 Feb 2022 15:01:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"620fb4be-880"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2176
expires
Sun, 19 Feb 2023 11:31:43 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=132&m=0&partner=22718&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F22718%2F200820%2F938eed291e824342be530d06e4b9de21_zeichenflache_1.png&v=3&w=596&s=kqHKu347TQguR_x-nMdMlq13
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
98be9d338e21ab85e0d5ad625b1da367f9efb0a256d75779bf28969325d50d14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29471534
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
29887
expires
Tue, 31 Jan 2023 14:03:57 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=22718&q=80&r=0&u=https%3A%2F%2Fedge-jako-o.azureedge.net%2Fcs%2Fproducts%2F67%2F82%2F87%2F550x550.jpg&v=3&w=400&s=R5a_ODpak2d1u8ieCOCr9jlS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
16677b42606069de46f312ab187c8e2667365d69f45bb7a9a8611e46406719d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31220076
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13060
expires
Mon, 20 Feb 2023 19:46:19 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=22718&q=80&r=0&u=https%3A%2F%2Fedge-jako-o.azureedge.net%2Fcs%2Fproducts%2F67%2F98%2F92%2F550x550.jpg&v=3&w=400&s=_Aq38JuDhdHxVv1nf6fnBkqg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ccde4f785379225dc4d399f13037ed74a32a60b8c01bb99d76a4016903339fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29461729
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30652
expires
Tue, 31 Jan 2023 11:20:32 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=22718&q=80&r=0&u=https%3A%2F%2Fedge-jako-o.azureedge.net%2Fcs%2Fproducts%2F68%2F61%2F49%2F550x550.jpg&v=3&w=400&s=Kts3C8Kl1fJW8VyXMLWTao1i&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a8beac6e279b2f8a64b52b96208fa3b6b1baeea4aba4628f029f148a1f2a190c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29640095
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12182
expires
Thu, 02 Feb 2023 12:53:18 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=22718&q=80&r=0&u=https%3A%2F%2Fedge-jako-o.azureedge.net%2Fcs%2Fproducts%2F65%2F27%2F07%2F550x550.jpg&v=3&w=400&s=MZZ-xO7XdiNXGSiEHHSbz7FU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2522cd8838af03dd97ab2b307c3400ccf108b481db1dc364d794660037b86b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29707736
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
21290
expires
Fri, 03 Feb 2023 07:40:39 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=22718&q=80&r=0&u=https%3A%2F%2Fedge-jako-o.azureedge.net%2Fcs%2Fproducts%2F68%2F99%2F17%2F550x550.jpg&v=3&w=400&s=Ep54agIM7oJg479a8XLtcy9u&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8308aa6b500482fff13a0aff99870a4f3e8f01d3a19a6c4c17a78e251c949208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30126632
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11274
expires
Wed, 08 Feb 2023 04:02:15 GMT
img
pix.eu.criteo.net/img/ Frame C98A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=22718&q=80&r=0&u=https%3A%2F%2Fedge-jako-o.azureedge.net%2Fcs%2Fproducts%2F38%2F35%2F94%2F550x550.jpg&v=3&w=400&s=VZdE-Cci3pK-K8q1GQpCfDtW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
761b68791cfd91bce8a3cbc8be738d36e8b45d1664e14bc820f5265ac4cf8e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30157117
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12398
expires
Wed, 08 Feb 2023 12:30:20 GMT
all
csm.eu.criteo.net/ Frame C98A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Wc6QjJkWO_GOWL9kxXBKq-f6n6N6ZnFRQRdNJpTEtbX9OP25HN1A0N79S9s4VMB5TAqOmGWfY0VlfnReIpg8n0ywKBsLMSv2zMBQMTLKiuf4saswhTH5p-7CVooE-BzbsqI9DkHPUQXJkuWj08-Ruo0I_UyBFxm47pHBH2tCjSmyIm1cUApaC3HtgUV1JJNDGUSYHA7oiZccAEYdv0BXT4Yd-szaJkA9Z_hrHxXy4IupQfT6WqVJtH5PilBqT1SxLn2moQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Feb 2022 11:31:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C98A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C98A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Feb 2023 11:31:43 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 6BB0 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6751
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 0196 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame F665 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
www.gazetaexpress.com/cdn-cgi/apps/head/ Frame DAB9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683266
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1BF9QVJZXCB8BR4P
x-amz-id-2
DZfH/DKbEW6iprS7LXWimgfjAih1FxzhV4ROJQscY4chpFyAUlaN5m8tqH5r+LOvXqIdqs8oXNw=
last-modified
Tue, 10 Nov 2020 13:59:35 GMT
server
cloudflare
etag
W/"b61e1b8cbc26b381f84b9fe75d6bd20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coUkTEYhdIm1OadK5aS6KVFFeT%2BBCRMwTgzO9STOCEP9%2Fj34tkFpaAN8E31CAU4iNmUZIl%2B10rnq7wQKnAjRDmt0oiRM3zcRUbbviMI1VkWOueYxwqrH5FG5aGchpb%2BVVkb89U2cbxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EbY_Qr2u_RqkzHBQ7tezB1tU2A4mETa.
cf-ray
6e285e823e74915e-FRA
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame AB44 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
platform.twitter.com/embed/ Frame 5395 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CED) /
Resource Hash
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128122
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12780
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CED)
Etag
"620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.e84cb370ed3e40856450.js
platform.twitter.com/embed/ Frame 5395 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE5) /
Resource Hash
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CE5)
Etag
"668b3e5058c7ed61a38da6c433123235+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
platform.twitter.com/embed/ Frame 5395 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CDE) /
Resource Hash
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CDE)
Etag
"3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
css
fonts.googleapis.com/ Frame DAB9 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:700,regular,500
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e0acc73e788587d1ad30fe3a71bbc02dbaff6681c2d6499540094e6b6506867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 11:31:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 24 Feb 2022 11:31:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Feb 2022 11:31:43 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame DAB9 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46298
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Feb 2022 11:36:17 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame AA8E 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 231E 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdsc10b4nKPIsStuOQIFLBlsj04emrx9FeyWPK1TBWlYfyBWUhI21Q5PFj3IyoWfhNaRaSHYSgoiLFAIkhbzy0CLEoXtqQ
content-length
7481
css
fonts.googleapis.com/ Frame C98A 		7 KB
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700%7COpen+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99c5dbef143c928cfa20dbc8a697454ca9f41b172b5b4eab5b804fcf69db2a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 11:07:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 24 Feb 2022 11:31:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Feb 2022 11:31:43 GMT
sync
gum.criteo.com/ Frame 597C 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 597C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1YSE1uVGtiN243S0d4MFk4SFE2bDFObm5xWjBPUld0Q1V3RjFuQQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
176922
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
partner.mediawallahscript.com/ Frame 597C 		0
0
362338.gif
idsync.rlcdn.com/ Frame 597C 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 597C 		0
0
v1
ads.yahoo.com/cms/ Frame 597C 		0
0
spp.pl
sp.analytics.yahoo.com/ Frame 597C 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 597C 		0
0
cookie-sync
sync.outbrain.com/ Frame 597C 		0
0
t.gif
cw.addthis.com/ Frame 597C 		0
0
tap.php
pixel.rubiconproject.com/ Frame 597C 		0
0
setuid
secure.adnxs.com/ Frame 597C 		0
0
pixelCt.tpmn
ad.tpmn.co.kr/ Frame 597C 		0
0
idsync
tg.socdm.com/aux/ Frame 597C 		0
0
sync
adgen.socdm.com/rtb/ Frame 597C 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 597C 		0
0
/
cs.adingo.jp/sync/ Frame 597C 		0
0
xuid
eb2.3lift.com/ Frame 597C 		0
0
k-ae0dm0b7n7KGx0Y8HQ6l1NnnqZ37u81_rli65g
an.yandex.ru/mapuid/criteois/ Frame 597C 		0
0
cksync.php
contextual.media.net/ Frame 597C 		0
0
/
sync.ad-stir.com/ Frame 597C 		0
0
rum
r.casalemedia.com/ Frame 597C 		0
0
pixel
adx.dable.io/ Frame 597C 		0
0
/
s.ad.smaato.net/c/ Frame 597C 		0
0
sync
x.bidswitch.net/ Frame 597C 		0
0
sync
ad.as.amanad.adtdp.com/v1/ Frame 597C 		42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-hg-4c0b7n7KGx0Y8HQ6l1NnnqZ3P9UgMRubpgg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=5E6D47970CE66D6E&u=%7Co7e3TP%2Bod6BIex1J%2B4MS5FtVbgqwvxHVdcbt4xzfh5w%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cKxOvXzGstj9lMG1UOB69ywmB3tbLwA5yr1obJVx1uGxqakQUKJ8dxGFKC_aIkCLxDHKZv2Gqkqxpsc5axZUpntA1aQB4BElOpggaXD9XWRrb4f9ZL_ly0Q8rza4qaXn75RGEqlXoAPbKSTkPXdzRTekBHpVJ8mMZvso2q0MW6mbSKWSj4xTZU8tro0RA-XunfKnU9QjPyz-o9E8GnJgFgLGB9bDLPpafPnJxL1P2hFr-CgRHA9ZnrhPZP_VYjWLokZmUHDUMSshEPlhEIQZIA9nFo1o_A6hlpPSRyeUA-AU8KxNYdJGtEJ6ewPvWB99iWVVRGgFH40bJfr6UETPaeYKkDKFsfy7UbD8lk7SuXJuy9QlFyXEixekujLT8m6cdS62Rrg3wdnQdtbqWJtbwOPnAzvVvdcS62q1Z7_Gc3EJBx9MyLacOOTk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-115.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
pragma
no-cache
x-amzn-trace-id
Root=1-00000000-000000000000000000000000
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
DWWuNAeNGxfkq7oe6Atz5v9dewbey7umWa1NzeDeIxTrpqxCWpa5lQ==
expires
Thu, 01 Jan 1970 09:00:00 GMT
pixel_sync
trends.revcontent.com/cm/ Frame 597C 		0
0
U-7Baa56EnJJkA-3VT33cT_3HbI.js
www.gazetaexpress.com/cdn-cgi/apps/body/ Frame DAB9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/body/U-7Baa56EnJJkA-3VT33cT_3HbI.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
683264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ASEFSJFD2P14G9FD
x-amz-id-2
GjtPn0bEBiWSb02v6qTGyEm+aMnMAJEdc1ud/szOeZHUMoavWNE13kRxGSeAkCd+djZAsrUfb08=
last-modified
Tue, 10 Nov 2020 13:59:34 GMT
server
cloudflare
etag
W/"a48224d294929710ccf63815c082d82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhmkcLpqH21PB5ZpKaCA8sk02tzwWnIqLbFBO%2F6FsqKq7B9E6O%2ByVLrgiYee85txzfRIWJKKOWrPZiK4suCopQdIprcON1lkwyZ3c9Cdj%2Bfe%2FK%2FAMazEoime%2F8M2QSLHfp1m4pZGKn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
OdY.zUSDblunDdofCPVQz2xapN1Ewriy
cf-ray
6e285e830919915e-FRA
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.28963ec4ae59d495c969.js
platform.twitter.com/embed/ Frame 5395 		409 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.28963ec4ae59d495c969.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
0eb0596921de03eb531b79eeca369e592c06f9cdfdde04f6312a0a797c2e31ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
116278
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CF2)
Etag
"2b55e07f155c1e5abb0c734425fe5cc0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.c53ccbafdf01ccbb36d0.js
platform.twitter.com/embed/ Frame 5395 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.c53ccbafdf01ccbb36d0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEF) /
Resource Hash
8ea598da9992b36a0542e349335c19953d655652706ede13b7c411a95f7119dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
10836
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CEF)
Etag
"c0cf8c5e42b4c181d11768722e450876+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.adaf14ae6cf25789c0a7.js
platform.twitter.com/embed/ Frame 5395 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.adaf14ae6cf25789c0a7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
60c01ff4faf3b83a7fff38b5d554ca9baf2af29f11dbbff8ed978442c08a3150

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
5691
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CE8)
Etag
"f05fcf06cd559f3fba12b6821acc1315+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.dc467813eddefbd02801.js
platform.twitter.com/embed/ Frame 5395 		56 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.dc467813eddefbd02801.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
bee6ca6e6d56595d4ffacbab7e8f7b3635d670fa63a420f4bc8e587a5717a891

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128122
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
13092
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CE4)
Etag
"5a127786833535167357ece0ea0a5b61+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ Frame DAB9 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:700,regular,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:06:53 GMT
x-content-type-options
nosniff
age
62690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:42:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Feb 2023 18:06:53 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ Frame C98A 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700%7COpen+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 15:20:52 GMT
x-content-type-options
nosniff
age
72651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 15:20:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame C98A 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700%7COpen+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 00:14:34 GMT
x-content-type-options
nosniff
age
127029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 00:14:34 GMT
seg
secure.adnxs.com/ Frame 597C 		0
0
generate_204
tpc.googlesyndication.com/ Frame 568E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c0CrWQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync
gum.criteo.com/ Frame 597C 		0
0
analytics.js
www.google-analytics.com/ Frame DAB9 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/apps/body/U-7Baa56EnJJkA-3VT33cT_3HbI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5211
date
Thu, 24 Feb 2022 10:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 24 Feb 2022 12:04:52 GMT
collect
www.google-analytics.com/j/ Frame DAB9 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=692812876&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2Fwebads%2Fonefor%2F960x200%2Findex.html%3Futm_source%3DGazeta%2BExpress&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=960x200&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=771925142.1645702302&tid=UA-6427330-1&_gid=971087010.1645702302&_slc=1&z=1819485928
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1645702303320907610548&ogtitle=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&uniqId=16c7d&childs=1214277&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&sessionId=62176c9f-07dad&pageView=1&pvid=17f2b804e589864a0e5&site=634059&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e285e83de919004-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tweet
cdn.syndication.twimg.com/ Frame 5395 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1496736388523384834&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF3) / Express
Resource Hash
24fb3efecb78851a3fb790167b9b27bcf91c961e4b37de95cd18c9f447aadc6e
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"6d2-m8Fbw1s0+yr8T/ffP3C3DjuwsvE"
age
43
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
strict-transport-security
max-age=631138519
content-length
923
x-xss-protection
0
x-response-time
160
last-modified
Thu, 24 Feb 2022 11:31:00 GMT
server
ECS (mil/6CF3)
x-frame-options
SAMEORIGIN
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
adf25123a6f13aaeacb99ff20b4f463674a97364857346467ebdae08ae4fda52
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
age
6235
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
563Q182XKKBGBPYA
x-amz-id-2
bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e285e842f679004-FRA
expires
Fri, 25 Feb 2022 11:31:43 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
age
5037
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e285e842f6f9004-FRA
expires
Fri, 25 Feb 2022 11:31:43 GMT
1
servicer.mgid.com/1002277/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1002277/1?pv=5&cbuster=1645702303424896235068&ogtitle=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&uniqId=16c7d&childs=1214277&niet=4g&nisd=false&jsv=es6&w=824&h=200&wrongImageSize=1&cols=3&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&sessionId=62176c9f-07dad&pageView=1&pvid=17f2b804e589864a0e5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded2c002d549e7864b09e18b0663c4db8c1306fa7476fa4acee0f657db685a87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e285e8478079004-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1190148/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1190148/1?w=824&h=110&wrongImageSize=1&cols=1&pv=5&cbuster=1645702303426500946202&ogtitle=Klitschko%20paraqitet%20nga%20Ukraina%3A%20Ne%20jemi%20n%C3%AB%20luft%C3%AB%20dhe%20luftojm%C3%AB%20p%C3%ABr%20vendin%20ton%C3%AB%20-%20Gazeta%20Express&uniqId=1019a&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&sessionId=62176c9f-07dad&pageView=0&pvid=17f2b804e589864a0e5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7469447d6e682a6a60cf92157d09269db2d639b2caa477ae0b2efbceb475637

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e285e8478019004-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 6BB0 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 0196 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame AA8E 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame F665 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame AB44 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 231E 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdszPzVoyAnFr9FBTOADyu4aG2L6NMdJdhmOtAHEfLoGWpY4CN0fbfGwngPUreTpwjUZZr7nW1o_RBmxwE1UkX0
content-length
113743
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
age
1334
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e285e851c2f690f-FRA
expires
Fri, 25 Feb 2022 11:31:43 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
age
1334
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8KE49RBWCJ5QH1AR
x-amz-id-2
zZ6zE08YJcPOjxt60oq3ijyDWaqYBQ/hC6Rayp7+3fbs91ub4rGX09ngQCecW1G6ZJIu8n5/R7w=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e285e851c31690f-FRA
expires
Fri, 25 Feb 2022 11:31:43 GMT
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDIvMjczMzcxOTk4XzY5NzUyODYzMDI1NDMzNDlfNTAxMzE3ODg4MTA5NDUyMzMwX24uanBn.webp
s-img.mgid.com/l/556371/492x277/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDIvMjczMzcxOTk4XzY5NzUyODYzMDI1NDMzNDlfNTAxMzE3ODg4MTA5NDUyMzMwX24uanBn.webp?v=1645702303-IusZ-MRFPjA6sWWstUqK49Egyuz6CEg3rHkaXRcYh_E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73502f3c1e90ecb7345cff427ae2cde461c83726fbb44f11148334af4ddce0eb

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 11:31:29 GMT
x-mg-request-uuid
b45a6ea2-485d-4b8c-888a-9eeb40ea8f37
age
49019
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e8558a290c4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13284
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZ...
s-img.mgid.com/g/11739848/492x277/-/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739848/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZjUyZjFmZjdiZDllNGM1YzUuanBlZw.webp?v=1645702303-8D2SITofdZbvzKCfJry-i9cDbeZpxfnsIk272hSLAZ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e95c0c629214fd64fe7c628cc37357d903aa65fb950d35d2e43d9c07e10e3e

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid
821daeb2-e2fe-4d08-8c8c-7a8291b9a2b7
age
260080
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e8558ac90c4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21486
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNGMwN2FmNjRjZTM5NzJlY...
s-img.mgid.com/g/11739829/492x277/-/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739829/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNGMwN2FmNjRjZTM5NzJlYzZkMzAxYzVhZTUxN2QwMjEucG5n.webp?v=1645702303-DnckWAiMGm--V0ZurhJslxrBlPSZakDIFpBkCRexlko
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb0ba76d03300d7391a9ee2c885a39110e632e77fa3aa810620d577a0934fc1

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:55:15 GMT
x-mg-request-uuid
da6f4fc9-b116-4d34-9040-b5d63e3b67fe
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e8558ae90c4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28108
server
cloudflare
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjAvMDIvMjAxOS0wNi0wN1QxMjE3MDhaXzEyNjg1MzA5MDRfUkMxODUzNzAxQjUwX1JUUk1BRFBfM19URU5OSVMtRlJFTkNIT1BFTi5qcGc.webp
s-img.mgid.com/l/556371/492x277/-/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjAvMDIvMjAxOS0wNi0wN1QxMjE3MDhaXzEyNjg1MzA5MDRfUkMxODUzNzAxQjUwX1JUUk1BRFBfM19URU5OSVMtRlJFTkNIT1BFTi5qcGc.webp?v=1645702303-_Ni8cszkdeEVDmJOvq0b-7pIQ4G4_lxX_WdLtQ_o00A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e98296a5dc52aee5192809c98438b50e4020766536d0428194f8f14d390d203

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Feb 2022 12:27:38 GMT
x-mg-request-uuid
1e82188c-89c7-4456-a4de-f852cb0c238a
age
1179633
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e8558b590c4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14642
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDg5ZmU5ODYyNTBjZjBiZ...
s-img.mgid.com/g/11739846/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739846/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDg5ZmU5ODYyNTBjZjBiZDk0YjM0OTkyMDNmZGI2ZWUuanBlZw.webp?v=1645702303--o58-QsWmIfLKmT7oT5aBTg3IYQdFSPbswKYjezU8Rg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3711a93caeaa494d7ed37c044fb9121f596628f38c0bd77134d5a62a43873839

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:51:53 GMT
x-mg-request-uuid
eb8ab2e5-fc84-43bc-b5e4-f1b0936d931f
age
262905
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e8558bd90c4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21038
server
cloudflare
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDIvU2NyZWVuc2hvdF8xLTQ0LnBuZw.webp
s-img.mgid.com/l/556371/492x277/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDIvU2NyZWVuc2hvdF8xLTQ0LnBuZw.webp?v=1645702303-WrPc3UW-QqmvyCqztnWJ2ZmupmX9PwSX_nBxElLE5DQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc55b7598d5e8f09fbdbe80a70d302fabebeb4b39975d8f016fb2ce89cd8421

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 12:15:46 GMT
x-mg-request-uuid
3679855b-d3f8-45f7-8eb7-f0f30bf84c9f
age
435104
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e8558d090c4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9136
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg0LHlfMzg0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC82NDAxY...
s-img.mgid.com/g/11739875/492x277/-/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739875/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg0LHlfMzg0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC82NDAxYTgxZjc0Y2I2NzM5NzVkZjBlYzQ1ZGRmMDdlYS5qcGc.webp?v=1645702303-7Dfnx8pAQWC4KJhXmMBCqKn232sBHiaXnnbH1YGFVTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11b010cedf3a5ff81a1cf7a79b50f6606ac6eddb6f9047bedb421e033b6c602

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:51:17 GMT
x-mg-request-uuid
e06c5d78-152c-4553-80e6-fb8ff068df07
age
15044
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e285e859d72904c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18224
server
cloudflare
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.bbd2273270096a33a1dc.js
platform.twitter.com/embed/ Frame 5395 		143 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.bbd2273270096a33a1dc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF3) /
Resource Hash
8e1bbb342326aea4149633fbe8bdab90e946a98bafa2bcadd465171f80097f2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128120
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
37857
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CF3)
Etag
"6105f5ecdcd47ab2be938db4309bd6e8+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.TweetVideo.98357008a9809fa238b9.js
platform.twitter.com/embed/ Frame 5395 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.98357008a9809fa238b9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
9db6713aabf5639680dbcd527b19a7f181ea6144a2aee236d13f6f042a902a3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128121
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12915
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CF2)
Etag
"12a457eda922a7eefacd2d23f0f66c88+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TweetVideo.ea154da428fb69e3b533.js
platform.twitter.com/embed/ Frame 5395 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.ea154da428fb69e3b533.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEF) /
Resource Hash
2cff11baac58b00d9614d94aff497aaddcdab8f2dcfbce8c43e09d87a128c56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128120
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1830
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CEF)
Etag
"39474a48f9fc2a59b1510a46ceed1f3d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
jot
syndication.twitter.com/i/ Frame 5395 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1645702303580%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22gazetaexpress%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22gazetaexpress%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%226cb7f541%3A1645560310082%22%2C%22item_ids%22%3A%5B%221496736388523384834%22%5D%2C%22item_details%22%3A%7B%221496736388523384834%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
106
pragma
no-cache
last-modified
Thu, 24 Feb 2022 11:31:43 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
41d80733fbf73873b9110c2afd85baf4b07bb692bac4ec94f181a60bd9adcb69
x-transaction
0d98f9e8487b5c38
expires
Tue, 31 Mar 1981 05:00:00 GMT
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 		1 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
age
1328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FH3P8GVSMT8XDR7A
x-amz-id-2
XAhL/GRFD82+tMJD/s0zTEXQzD5aC637aIO9GrurlC9VO1BjlvT06sHp1Mz3ZWc6GHXoWrqHOms=
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e285e859d36690f-FRA
expires
Fri, 25 Feb 2022 11:31:43 GMT
rN1ze5CT_normal.jpg
pbs.twimg.com/profile_images/1156877519615942657/ Frame 5395 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1156877519615942657/rN1ze5CT_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
9c7651b3d477074df4414cef97004a0ab813859f927973d7af0cfde7c7f9c7e2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
x-content-type-options
nosniff
age
18919
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
2035
x-response-time
109
surrogate-key
profile_images profile_images/bucket/7 profile_images/1156877519615942657
last-modified
Thu, 01 Aug 2019 10:39:09 GMT
server
ECS (mil/6CE7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ec9c24aad918c1b0c45fecbfff84f48c3d88ab01d735eb5dd638bd3f124f86fc
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
embed.vendors~loaders.video.VideoPlayerDefaultUI.6d2d621b106d8c14fe49.js
platform.twitter.com/embed/ Frame 5395 		121 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.6d2d621b106d8c14fe49.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
50f11cdba975c6542277e76edf03f8dfbc9e554979782e16488e9be2b333fc30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128120
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
34728
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CEB)
Etag
"7b8c970d6740e0b4e43ba1cfcbcd724f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
platform.twitter.com/embed/ Frame 5395 		252 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.496916c603a0177546a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE0) /
Resource Hash
2f3d109d28386b355c2fc8fb0d341e84324ef555552d414eab113b376cbd8f6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=gazetaexpress&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1496736388523384834&lang=en&origin=https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F&sessionId=4f58bcb184d44645783e5a66c4a8caa0da95394f&siteScreenName=gazetaexpress&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:43 GMT
Content-Encoding
gzip
Age
128119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
75322
x-tw-cdn
VZ
Last-Modified
Tue, 22 Feb 2022 23:54:04 GMT
Server
ECS (mil/6CE0)
Etag
"b644175b523d002f2bff4b5ec1522e65+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
8q9qOLzzq9tp-2py.jpg
pbs.twimg.com/ext_tw_video_thumb/1496736341773762562/pu/img/ Frame 5395 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1496736341773762562/pu/img/8q9qOLzzq9tp-2py.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
2ace54d6ff26823d90a673bd982f0e9ee1dd338c9742b90722f5d8d2b405b1b5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
x-content-type-options
nosniff
age
17565
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
52952
x-response-time
284
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECS (mil/6CE2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
751714279c2cb9ca9abb499f9369c26c3f1c7ae5b13715c6e4e8ce7e39c55498
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
localstore.js
script.4dex.io/ Frame 6BB0 		483 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ADEylGbqA%2BMWKpKEj%2B5QggR35GsnlM%2B0En3PLiDUHbgbXO9Wf32vLL8Cpyi0tLwe1YcTq2pjzLaboOla6%2B69UZBQQnI3IJToCX73LuzGKUXsyCWO3W3uq1btkObXv2Qfsx04exM8dxcS5Ms"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e865ea259ad-MXP
prebid
ib.adnxs.com/ut/v3/ Frame 6BB0 		138 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
92ed2e922db059b0d3d085a487e26de00b36f9548fea39ce8faadd41e46c3056
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
31ca3616-ffe8-4787-8ddd-705213be07c5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 6BB0 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621767&v=7.2&r=%7B%22id%22%3A%2238d4babdaf978b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22404b04bc48b4ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621767%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1f70c2a686b0c164caa13d208f8d02330a9a97d55a6c4dd037f81fb73c08a63

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
translator
hbopenbid.pubmatic.com/ Frame 6BB0 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6BB0 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=58683135020
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:42 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame 6BB0 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA4OSZ0cmFuc2FjdGlvbklkPTA4Yzg2ZWQ3LTIyZGMtNDg2MC1iZjUyLTNjMzk1NTMwYjE1OA%3D%3D&pt=gross&stid=dea59112-7bc2-4da0-8121-6fb69a0e2a98&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 6BB0 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
projectagora-d.openx.net/w/1.0/ Frame 6BB0 		73 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=08c86ed7-22dc-4860-bf52-3c395530b158&nocache=1645702303684&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=160x600&divIds=18287011_gazetaexpress.com_ros_160x600&auid=540990853
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
3e8e771386dfe8e7be09c55de000873c402a6839263ef0d5c783f6adff69445f

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6BB0 		240 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549190&size_id=9&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=08c86ed7-22dc-4860-bf52-3c395530b158&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.87368798208683
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4068a76d3988c0148f9e9241147f2555a4447dfa73455679c7f82709d3e1e236

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ Frame 6BB0 		19 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 597C 		0
0
i.js
cm.mgid.com/ 		0
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1645702303694393040872
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e285e863c2a9004-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
localstore.js
script.4dex.io/ Frame 0196 		483 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmCziH5HbJxcCWxS1EK3RQedlFeqU08ECR5EyFG3SA1PS0QeW26YhGkfay6HHO3JlP2c13zjSAGmJAaFspSi5oaG3V7L2dNXdBIHPt%2F4oaEmzoGeBda20Mabs36H5hr3GzCeOUBbmmNKhZCn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e865ea659ad-MXP
prebid
ib.adnxs.com/ut/v3/ Frame 0196 		138 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
658897a0574f6f8cd5fb48ed698175ed1b5af613b7467b449d747dec7d353efa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
418186fd-bd70-4e46-b9ab-c5855d3c0e1e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 0196 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 0196 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=38975345139
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0196 		241 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=8e69bdbe-4c13-466b-914d-7c4f6b577958&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.479038460503314
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c781010a43dffcd6f894dd3d1f5103c589dab3112917a2fddce968f12ca4e1e3

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame 0196 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%229f9c6b838e5f2a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210b1021f5860b05%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
353d264758108024a6d220f2be1f80cf6b69b7cc767ce842b5840869df48659d

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 0196 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8e69bdbe-4c13-466b-914d-7c4f6b577958&nocache=1645702303699&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
38a80cdfb60f0a202ee73fb90362ac06d0afe951c322c7fcc7793a7366056c70

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame 0196 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
adx.adform.net/adx/ Frame 0196 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPThlNjliZGJlLTRjMTMtNDY2Yi05MTRkLTdjNGY2YjU3Nzk1OA%3D%3D&pt=gross&stid=b66e0e76-d017-4142-a6dc-f855484c2487&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 0196 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
i-noref.js
cm.mgid.com/ Frame 0212 		0
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1645702303732336121691
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e285e865c779004-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tZoxTutbrtEHFhEr.m3u8
video.twimg.com/ext_tw_video/1496736341773762562/pu/pl/ Frame 5395 		640 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/pl/tZoxTutbrtEHFhEr.m3u8?tag=12&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9F) /
Resource Hash
fc7cfc40409949876b0ddd37a47a6b01cf9b0747ea3c607214900e65b5da2085
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17565
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
content-length
297
x-response-time
82
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6C9F)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
6acfcdc365e9de50ff71fe0aa096f431dbc5df3cf7b0f90ae67e9e5c12253df1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
localstore.js
script.4dex.io/ 		483 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6PjhRSD2SyJvBLZ0g%2Bq128SFQP1nF4mwPwpwCSADbCUUSJtvZeD8J5tT1Q0simaVOr3KjnX7i6hRrubtJZv2ehn0zcdkzbjE%2BPxd48egVOO0rmbwuyd4ZxALqRbUzhpyrhrMcuiGNGjxLXE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e86af5359ad-MXP
auction
tlx.3lift.com/header/ 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
595b17ebf33e54cf1b184bd58a2c709c5b52a1903b85d6ad889d0e4753d677ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e5f081c2-a257-48c7-a81b-c441a37bb92e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPWJmN2IzMTIwLTllMWUtNDliMC1hYjE4LTgzOGE5N2I2NDc3Yw%3D%3D&pt=gross&stid=3a416407-1700-42dd-9b07-51c7720d219d&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=bf7b3120-9e1e-49b0-ab18-838a97b6477c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6839617261384725
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d0378e0c98497eb95d670cdab0984a5444b5d00f6f2d9fbc389e271ab1ca3e36

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=67182855748
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
projectagora-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bf7b3120-9e1e-49b0-ab18-838a97b6477c&nocache=1645702303778&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
25176cd5a6ed4e76568c9be2d0b1115e64de7d476efde2b073f9c0d84232686a

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%22156d6af8a98d77f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216c1f28c085f991%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
08dd531db8897c9e7039eb2c1e5306d756ca8403f14a84c02724e2086455289c

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
v1
prg.smartadserver.com/prebid/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FF34 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBgk-Nq1FUxkteoD-YyWiCTzSVYMRJ7pG1OUasnnT4ocnqIRfpHQJyFrbEYGFpgFiye7cx-wVLUYdrOVqXapySBWVP89XT8av6ejuIeJveCvK54_hq&sig=Cg0ArKJSzCV3MMMqcFhlEAE&id=lidar2&mcvt=1019&p=1110,315,1204,1285&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=19&adk=1438139209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645702302625&rpt=135&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ Frame 0196 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fjz44w0svRD%2FN9tvaPvTuDsPZbJLUHKpY%2FLROKB6znDJdA0lew9as6EtQYJ7Z0lmqYFTB8yAYKKLrYJSK%2BXgfpuedc9bdUebLgmtMqUnmIoeU5PesfIX2dWKfYK3GrVCWtO02OtWG9ALzMCg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e872f11374c-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 6BB0 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxZoKl5irWnf1FTRqgZ7NwTC%2B9Y5UPimpn5ZQNI6NDlapKKx9OfDQHzhcQysfT1KSBPg9AeTtIRD3qYLe7ZOQtEdaTxB79v3%2F8q2Jl%2FhsqzGJ%2B%2ByQ3FBivts54A%2Flory0ucoX6qpdK0qVJTU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e872f13374c-MXP
access-control-allow-headers
Authorization
localstore.js
script.4dex.io/ Frame AA8E 		483 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWbkyvS%2Fu5PlQi4BYIrPJgk77VaqRupcwAFddTEWFzHhCzcSxTfPhcT70YPMoYeuw18TUyKYNuSYkEviIALPJ4lGTXXI%2B6tvByCxleShvq55B9VGklFEEmQjUbLlBdQ6Ov%2BilYbZUeVRjQ7B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e86eff759ad-MXP
v1
prg.smartadserver.com/prebid/ Frame AA8E 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
auction
tlx.3lift.com/header/ Frame AA8E 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ Frame AA8E 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%22517682f07c793d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226231f2fd9b5273%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226231f2fd9b5273%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226231f2fd9b5273%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226231f2fd9b5273%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226231f2fd9b5273%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77e890504e6d97cf4ed17da6e364f8224b99892d718a958295d93072bfeace6f

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
prebid
ib.adnxs.com/ut/v3/ Frame AA8E 		138 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
63603c3f2e54d2a51671554bcdc6a2bc4bfbb2667bd07177cdb00ef708addb29
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
385a6be4-9604-4064-8b1c-db80d8d758b1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame AA8E 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
adx.adform.net/adx/ Frame AA8E 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPWFlNzQ5YjM4LWU0YTktNDI0NC04ZGU2LTI1NjA0MGU0MTFlZA%3D%3D&pt=gross&stid=3721c571-3d83-40a1-8154-0501652f64fb&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame AA8E 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ae749b38-e4a9-4244-8de6-256040e411ed&nocache=1645702303816&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
b2f31f99ca9ab4f3bc27bc4e679b72b32f764b362ade3735d54dabc4ff23ee7e

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AA8E 		267 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=ae749b38-e4a9-4244-8de6-256040e411ed&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8847353586889983
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c5a10a8cd332ed495f1f3a77ab3857dd030a1bd22b6e22921f9bff29fc065737

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame AA8E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=52849195251
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 3E09 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6687
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A9X2MPN5FT3B2E6C
x-amz-id-2
2wIvjEPBFa8gRDJv4XlFpK5ahKsr6vlkPLTo3bR90nOvK7+PoEKiYxbCud02CIYhTnS4Qv+jPqk=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKVH4hwD8p4q6I7CoG4GYUxvEasVnw5W3sRyqTVfr1HzCXgMl6aj0qu8VbCciVwuRJYK8TmH2nwe%2BVQDKvQYX0leMNxEHpKDsNTXU%2FhW%2Flz2z%2FDB40KB1jncKwfUzq0oEV0ohteOyfyjeKbZPjIiQDD%2B6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6e285e8748f23756-MXP
/
projectagora-483829-hdb.adomik.com/ Frame 0196 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYjY2ZTBlNzYtZDAxNy00MTQyLWE2ZGMtZjg1NTQ4NGMyNDg3IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=b66e0e76-d017-4142-a6dc-f855484c2487&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/ Frame 2B26 		74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d873bcfb9d4a6d58032ada85ff9699031f549fd06032a461e6fa0f74998d9620

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eOF12zJv5FxNyUZ.Nkz7kxaYgOP_n_FP
content-encoding
gzip
etag
"07e75ffd3331d8143c9d02237f013f9d"
age
3756
x-cache
HIT
content-length
20086
x-amz-id-2
gvHMEh7TxOx8P8COyK6My+tpIaNYqFBuNOs8SrZDCrJ80bAG0B10d6ncGBY6fpLr0Q2cXBl/Fdc=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:29:03 GMT
server
AmazonS3
x-timer
S1645702304.835831,VS0,VE1
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Accept-Encoding
x-amz-request-id
NBPB8H2BKJKZH8NA
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame 6BB0 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZGVhNTkxMTItN2JjMi00ZGEwLTgxMjEtNmZiNjlhMGUyYTk4IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=dea59112-7bc2-4da0-8121-6fb69a0e2a98&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx
localstore.js
script.4dex.io/ Frame F665 		483 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymW10fZNhDNvgcktMRfk4ZLuuQ2BH8C6Tpka4UqxBEtmhLyBT2qgWpRLlAh7o2lspSrKQVC5SWF%2B1kG60%2FzOESSwivcfvLubRt69kCtErBVeD4XjTcKKrQ54ily6Q4jPPW%2FDFtbo2Z8Qo14%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e87187759ad-MXP
v1
prg.smartadserver.com/prebid/ Frame F665 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:42 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
projectagora-d.openx.net/w/1.0/ Frame F665 		73 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a69354d2-2eae-4d21-ae8f-f804ed7460b5&nocache=1645702303845&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
14200d8b2f52ae739fb302c4be4c8f5677792594fc7adf5ed13f9c2208b9f04b

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame F665 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=56762339952
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ Frame F665 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%227cbcb3c199561d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228efd48bc32093%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cf9940d5d9eee752c5b9ea23c20a72dd6c7f9f423f86ce27bc32622be5db28e

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
auction
tlx.3lift.com/header/ Frame F665 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F665 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
67f1b35596c2e0249761ceb4bba91f5ca25c459582eca2b44dbbc13ebdd72377
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
06a676ab-f660-4564-a7e5-207fd5dbcd52
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame F665 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPWE2OTM1NGQyLTJlYWUtNGQyMS1hZThmLWY4MDRlZDc0NjBiNQ%3D%3D&pt=gross&stid=d2919add-9fa0-4600-9215-db8c05598bc4&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame F665 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F665 		240 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=a69354d2-2eae-4d21-ae8f-f804ed7460b5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.512632600669543
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b7d6e283a90f81d61aaa66d7a826864c7776c87b3fb564a5e851b92cc42dead1

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220221&jk=3415778849521025&bg=!IiGlIWXNAAbf-5Dq3_s7ACkAdvg8WhtoQoWlDR47H2GrXU83o_ZHeGYcOZ56PLYYxdQHOmUwohnQ-wIAAAFKUgAAAAJoAQcKAKxM5uo7kaG32RQnEq-Mrynfjxrev87SU5rN-PXKE5kVgvFTNhNabmn33l_H05i59A4V6OKt0b8EkrDhE1Hj0ArI_ZMqKMYemURXd_YwnU_3C9Lg8lcuYWE4yugx3g30GgUcm5siewiGoUdL5aykM4ieRa0fPQVqlKnaGRfQ3D93Y48qM2U1EWxhVQrv47NnQMHg0TjwoZhW-RjJAIGB7TRzR9zLO8hYZlSySAUlmQLF2N3ruuupl7VYD30b-N9IcR8sfAc0cbs7QE7G3mjj75Hr2ClIVrPP5PpdiBt23696LLxDiug5d8J3pTTvHiCzNKoh1AUxsAYkvvFq3eA5dICwA3aWk-bAg-g-KVu1y4DRq4StfovCgdnTm8ZaJqbO73_SZE7lpSI_w-dBs3U2iZ_cMkT5ogCx-rO6XGreQ1whPUAYjAUv2UhPfokE1Uv43oNABJQQs_J-U0CBgLWN5ytB8gwYKlKWnZD9hmDTjESj-wLUu2Ds9wDZjt6gFySZPeKyKoheIqRp-kIAeMFCYyyIwYXSj6lRaWBFWA8kQnoFPpvxenwtHw0gYOKaN2haWyYyTtkcae8l366aKwnGUFjqLQYMTyUHKa2F0YPZoDujIBeaTn5ptMFo6gGjI3nUioj4Y0aeV33jvG4fosYbIHDvhUAKDE7fU4e7NrdIqQES23-6uHcD5lv8AWqxq8A_FyQDAVC-OozVTV3D7-zcW_e1j1CqRk0YEeHfI9qCSRgdBdWIeo_lnecRxOEj010HNxkh14kRv_Fxvf1eslXHI_dHBgUWNzF047fHAVx8OoBynAWnoKfECgMiV3z2mV2fXH_lzHXcaR8h3855pOnkPEhYjLjDRIEBnT4SE9lgY1TH0pEBPyxiuFYPU50eFIZSSp5cim-S0xRw54luJS4kcWubFPb2r1eEHZESS5JDChZzNf6lVu_Qdv9y5yx21rlIPiokitW9M0Boiiuv9a-DIzyJ8jaPhLQHAxKsJ4ASAC7skdBH69iX5547qbodV3Lygo8DNlVJdscJdebvfQS_2yU1MZgHiYEB02Fgq5tL7s6O9IYQeVQiU0ofRNWQ5ttzfCaMe1S0yxiWEGJBLefoAabwgC-E90Rq2LknnADX1B6hb8IiVOwcvSncpwLcIFfykSNTz-tTnqZyi4HFeTkJgNTGizVJ0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ Frame AB44 		483 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0eolHWxe7sD3N6NRcaWGfl9vmIraQr3M02QnCdaA6sPVWziUvN1lp6P1C%2BHwzDfP%2BbzRq%2B7XO6yyzx9GV4sZqdk74jkQiF9WHCoVU4su%2BSjWgYtVIBMO16pQF7oITu8cTSdk3Ah1tlDYKqo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e8738be59ad-MXP
prebid
ib.adnxs.com/ut/v3/ Frame AB44 		138 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bc221011508d751dfc26dc97f698ccfa9a6a7dcc94c9cccccbdf5507116e395f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1439a15f-8318-4d4f-a58a-fbbe7494c629
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame AB44 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=18912486741
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame AB44 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPTZlYzM5Yzk1LWZkZTEtNGRkZS1iZGE3LTg4MDQ1ZGM4ZTkwYg%3D%3D&pt=gross&stid=cf76ce67-b836-4bd3-b1a4-ce2c20be6a8a&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame AB44 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame AB44 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame AB44 		37 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%22135446d05f02121%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221416d2582c53c1a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221416d2582c53c1a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221416d2582c53c1a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221416d2582c53c1a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221416d2582c53c1a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
141ecbcb8011fd85efcdc3de40d116e194edc47226fdc9d6ff5d90b2a2756840

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame AB44 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6ec39c95-fde1-4dde-bda7-88045dc8e90b&nocache=1645702303865&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
152b0d18ddfc0ece028e5a5bfec6a87bc84f09c22424cd4e416a70939b04b914

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame AB44 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AB44 		267 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=6ec39c95-fde1-4dde-bda7-88045dc8e90b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.01659518339599164
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f9cbd46aae660a6113b8565bb2e013e0b7cf7be640933f11b72ab6e9dc0412af

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adagio.js
script.4dex.io/ 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2sNes6DePW%2FWRW9jT9%2FRLIprJaUvgo3eQipKBs6CJwc%2BOdEEQ%2Fmas0cTXGdokwe1%2BH1h0nvLcMVhIKKfvQ36sdgMqoLYNB6yvjnapWwSGgb35rUKgNE1%2BPxUaH51g1LdVWL1VVuJQ47TViC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e875f64374c-MXP
access-control-allow-headers
Authorization
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 1E49 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6687
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A9X2MPN5FT3B2E6C
x-amz-id-2
2wIvjEPBFa8gRDJv4XlFpK5ahKsr6vlkPLTo3bR90nOvK7+PoEKiYxbCud02CIYhTnS4Qv+jPqk=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G67FBmQoolNTLb6iQNlgXt%2FroRDxeFYMvDKoCUTkib5Th9KOpPFQBqjpHtY9R4cC39yjfOWK2hWEdFwtVrl%2F%2FFiKdKS7uljggvG0TPL7Fpn2l6Mr5v98hMP6oKsY53GnrpATDgt2D0L%2FzRTxT0VWo6Z%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6e285e8759443756-MXP
/
projectagora-483829-hdb.adomik.com/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiM2E0MTY0MDctMTcwMC00MmRkLTliMDctNTFjNzcyMGQyMTlkIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=3a416407-1700-42dd-9b07-51c7720d219d&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx
localstore.js
script.4dex.io/ Frame 231E 		483 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914602
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYtB75px0j%2BcnhNFdMtrdrEHQkZSlZVXcT9bTmMZ19GE2RN8jjhLw9r9gJoVM6mj8UDQbYo4QXeWB453jv9XKupNCQDIqGsUYCuG2c2vyWKwfC4iwgsE4I7yM2r88rDWLI8cDuKvd946%2BWXi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6e285e87595559ad-MXP
cdb
bidder.criteo.com/ Frame 231E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=16920272065
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame 231E 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPWZlMGNmMjBkLTZiZjAtNGYzYy04ODQ0LWQwYmUzOTI3YmIzOQ%3D%3D&pt=gross&stid=0c2d2777-3056-458b-983a-274929347d16&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame 231E 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%227b86417d7de949%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228dac6e99a1bebc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%228dac6e99a1bebc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%228dac6e99a1bebc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%228dac6e99a1bebc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%228dac6e99a1bebc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
10aa0040da3ba5db50a4c9ebb145637ec36c70cbb43bb4f340dc29cebd2c3db4

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Thu, 24 Feb 2022 11:31:43 GMT
v1
prg.smartadserver.com/prebid/ Frame 231E 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 231E 		139 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
82ec901c333b7304537b957771b3cc612e50849887caed431db9917d89adf58c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1279d50f-35af-424c-9185-52ca6967f4a8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 231E 		74 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fe0cf20d-6bf0-4f3c-8844-d0be3927bb39&nocache=1645702303894&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
fee2e92a439fcf714de516125d7392bd21880a9b7b558f92e578267cc7b5518a

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 231E 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Thu, 24 Feb 2022 11:31:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 231E 		267 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=fe0cf20d-6bf0-4f3c-8844-d0be3927bb39&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2109288415275814
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e2ad654100a53dd460b3678917944d74b9d458681c185d1d183b7c690369ee27

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ Frame 231E 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
jot
syndication.twitter.com/i/ Frame 5395 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1645702303898%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22gazetaexpress%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22gazetaexpress%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%226cb7f541%3A1645560310082%22%2C%22item_ids%22%3A%5B%221496736388523384834%22%5D%2C%22item_details%22%3A%7B%221496736388523384834%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1013.1000003814697%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Thu, 24 Feb 2022 11:31:43 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
41d80733fbf73873b9110c2afd85baf4b07bb692bac4ec94f181a60bd9adcb69
x-transaction
115341c359347871
expires
Tue, 31 Mar 1981 05:00:00 GMT
impl.20220224-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2B26 		618 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
34e344bb779a162b9ae130839294ff618a10b9699d69ef4d1853b3f691e7e827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
79qwUn5Enk_DB5NeEid.heu4K5D9ZJ5P
content-encoding
br
etag
"b79a2e4cedae1dc05d1913225215fab5"
age
5605
x-cache
HIT
content-length
130512
x-amz-id-2
o4TjJkEgC3KYhgbM+hRwDdfR7URcjanvGl+cQDtCvLHr9vbXliEe+JlEgKsvvwZrS+qZnE91uKY=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 09:50:16 GMT
server
AmazonS3-br
x-timer
S1645702304.904115,VS0,VE0
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Accept-Encoding
x-amz-request-id
K7X1KV6WNZ89D2F1
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
9086
adagio.js
script.4dex.io/ Frame AA8E 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXL47%2FwD6l7DhTatZTzryMTyujhCo8dwKtNYUMwFXzVO8ZjABkRP%2FMEwyPgD7qfudJXSKDrUavKGz6fnjEIX51o%2BIwOF6CVw4Vx4aNzzMC4Mss6cVWRjuQCDwlOR6Y9UDH%2BPW7xsud%2Bf7CN0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e877f9f374c-MXP
access-control-allow-headers
Authorization
all
csm.eu.criteo.net/ Frame D9A1 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MMZki5kWO_GOWL9k2o3WKzSlvAU118Jb3rcUiTJwwMx_idHcfTMKVh4s2ywGVC-YiF7qlz2nqqzkJ3MaCTjLCJ0yMxAxRRIrrr4hDwHGQDnAu97czrqU8LaG1r7nKJxy-j3soZABN7D0KYiY0tT7sL9wFJwuy7vh5Zf22xx4ynHCbR-ozX7qV_biJiZzLfF56rD6NxwETE83L1NxH_om-UAYnmZW0yc-chvMzMyDwZVxkNE2VTZ0qGvzoUSWB7WCD0ZD1g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=D9C90B8C96C1CADA&u=%7Co7e3TP%2Bod6AfIasOIXFOjOXz7yxDcqO20myaCpJStPo%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQA7Udofyp5cK_vlRc-05zX6ObfC7YwrS1f2RhnP1W1Bi9XesPz1ED-PI1uB2fGl-EFrW7eUtgZ9dX0ARfJiro1b70wYtGMPyuRmqC4z70-1ecxCSZx2zVU7jVuiYtnsAOj4EqJdiv3xmh5jj0UycPmQ1JZEMtcRNu60Zr0sfLsMOn60RHnKx8A-Rqfiti1TzDl7QNlSIWE-qFl3dKYCRF8Z52OeiNt1gB_ASqFHKJ9Ahzw8KXivMeoHGTejJXNWc_wEUqJpPdkE3EH9HOPfseqnpfii51wdFefBjQakzSJsra9o6K6o8VS-VjbuE_bcPfJhxmzvFTRPeaXreA1freucgov_-FIrljcVN-sBqSPmVsoAAGrv-cOaCUv4hTKvO5t9uxhjYCJidWcQra29Z4GXzQ_aGmUtWGwDn2VlUQRthsHsJ1m0Lj7Aa8LC3B65Ukc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Feb 2022 11:31:43 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
adagio.js
script.4dex.io/ Frame F665 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp9RQ%2FiG%2BIcT%2BpgdUPruFAPAqF8MeW7v3xva9DNKdbQ3TMgockU91wde1rzROADyMBXyUY3JKPrip2JPgQU1s4CbN4MZvBGvxOh0el6BDL3%2BY%2Fubr4TL2JcYWAwnTmzJvd4VcmMWEL%2B9r5ej"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e87b820374c-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame AB44 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FI2EsyH7dYykdJXsZXIF97J%2FVCJpP0m3UACu9TU5Jpt9wgeIRxynrKga3otzI1PrbSyHiNNcnkw%2FkwwJNKo%2BEfI%2FMkYn7MkU1DISFG1QHDK%2FCA%2B6sNHUrZ2XHgWqx8iKrsMEkdFz7DZ6eQJ7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e87b825374c-MXP
access-control-allow-headers
Authorization
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame A2F0 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3344431c331667c10981464ebd7821eb3b3f9dbd9b0b6df703a6a2f06bdf277d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
i5PuGhg4WEaZNvUsOUUpMJOYoQsZA9vS
content-encoding
gzip
etag
"e82ce9155be6a1307b759e06353dcaf5"
age
3975
x-cache
HIT
content-length
20232
x-amz-id-2
Ls9pOJ0XvMHsR7aY87wqQld9dnWNwIInf8bfgq3FNRdKFNjFGuiRGeoNmE/uLagEmYz/0p7+qzo=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:25:22 GMT
server
AmazonS3
x-timer
S1645702304.940540,VS0,VE0
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Accept-Encoding
x-amz-request-id
XFW3MRB6CGE31SKW
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
61
/
projectagora-483829-hdb.adomik.com/ Frame AA8E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMzcyMWM1NzEtM2Q4My00MGExLTgxNTQtMDUwMTY1MmY2NGZiIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=3721c571-3d83-40a1-8154-0501652f64fb&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:43 GMT
Server
nginx
adagio.js
script.4dex.io/ Frame 231E 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62667
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1508b278250145e89c24e-00620977fb
x-amz-id-2
tx1508b278250145e89c24e-00620977fb
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ka4UVUz1DGlqXbnSo0X3aNNvyb01Yo8yPpDwa8k8l0SRja2TchK64K7LAZ%2FPrMhGDsl1LfyPaNRYUc5y4lRDvgctXmAKP8jepXAkgHMcvud9rSOuNog96PFCGRogDBkOQCgYD1cbCWJ90CB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e285e87b827374c-MXP
access-control-allow-headers
Authorization
gODRcHTb4ITMa5Fn.m3u8
video.twimg.com/ext_tw_video/1496736341773762562/pu/pl/476x270/ Frame 5395 		2 KB
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/pl/476x270/gODRcHTb4ITMa5Fn.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BA6) /
Resource Hash
a1c5b3ae01230c0326a96dd7ba2d4acbad88cd2f07cc7e27e89e184e0766952f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17566
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length
488
x-response-time
80
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6BA6)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
f8bca2ed7fa2b5d4f4ed72869658e1ae0310ebe9e38282a479a033d205539106
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame CE3B 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3344431c331667c10981464ebd7821eb3b3f9dbd9b0b6df703a6a2f06bdf277d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
i5PuGhg4WEaZNvUsOUUpMJOYoQsZA9vS
content-encoding
gzip
etag
"e82ce9155be6a1307b759e06353dcaf5"
age
3975
x-cache
HIT
content-length
20232
x-amz-id-2
Ls9pOJ0XvMHsR7aY87wqQld9dnWNwIInf8bfgq3FNRdKFNjFGuiRGeoNmE/uLagEmYz/0p7+qzo=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:25:22 GMT
server
AmazonS3
x-timer
S1645702304.972578,VS0,VE0
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Accept-Encoding
x-amz-request-id
XFW3MRB6CGE31SKW
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
62
/
projectagora-483829-hdb.adomik.com/ Frame AB44 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiY2Y3NmNlNjctYjgzNi00YmQzLWIxYTQtY2UyYzIwYmU2YThhIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNjYwNDcxOF9nYXpldGFleHByZXNzLmNvbV9pbmFydGljbGUtYWR0YWdfMzAweDI1MCIsInNpemVzIjpbeyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxNjYwNDcxOF9nYXpldGFleHByZXNzLmNvbV9pbmFydGljbGUtYWR0YWdfMzAweDI1MCIsImlkIjoiMjE1M2Y2NWNjZjQ3NWRiIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjcwLCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTY2MDQ3MThfZ2F6ZXRhZXhwcmVzcy5jb21faW5hcnRpY2xlLWFkdGFnXzMwMHgyNTAiLCJpZCI6IjIxNTNmNjVjY2Y0NzVkYiIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjo3MCwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=cf76ce67-b836-4bd3-b1a4-ce2c20be6a8a&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:44 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame 0D19 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3344431c331667c10981464ebd7821eb3b3f9dbd9b0b6df703a6a2f06bdf277d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
i5PuGhg4WEaZNvUsOUUpMJOYoQsZA9vS
content-encoding
gzip
etag
"e82ce9155be6a1307b759e06353dcaf5"
age
3975
x-cache
HIT
content-length
20232
x-amz-id-2
Ls9pOJ0XvMHsR7aY87wqQld9dnWNwIInf8bfgq3FNRdKFNjFGuiRGeoNmE/uLagEmYz/0p7+qzo=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:25:22 GMT
server
AmazonS3
x-timer
S1645702304.982965,VS0,VE0
date
Thu, 24 Feb 2022 11:31:43 GMT
vary
Accept-Encoding
x-amz-request-id
XFW3MRB6CGE31SKW
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
63
/
projectagora-483829-hdb.adomik.com/ Frame 231E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMGMyZDI3NzctMzA1Ni00NThiLTk4M2EtMjc0OTI5MzQ3ZDE2IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=0c2d2777-3056-458b-983a-274929347d16&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:44 GMT
Server
nginx
R9dMAYzjqoO0ezLN.mp4
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/0/476x270/ Frame 5395 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/0/476x270/R9dMAYzjqoO0ezLN.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C91) /
Resource Hash
ad3977d16a403fd126d28ef1ea650bd005364a8e139e261ef6c474f56060a4e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17566
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1131
x-response-time
89
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6C91)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ed8ad9afb43e813b6756308afbec43b4198bb2b584e7374fa5bea45a940ed1fd
accept-ranges
bytes
impl.20220224-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame A2F0 		618 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
34e344bb779a162b9ae130839294ff618a10b9699d69ef4d1853b3f691e7e827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
79qwUn5Enk_DB5NeEid.heu4K5D9ZJ5P
content-encoding
br
etag
"b79a2e4cedae1dc05d1913225215fab5"
age
5606
x-cache
HIT
content-length
130512
x-amz-id-2
o4TjJkEgC3KYhgbM+hRwDdfR7URcjanvGl+cQDtCvLHr9vbXliEe+JlEgKsvvwZrS+qZnE91uKY=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 09:50:16 GMT
server
AmazonS3-br
x-timer
S1645702304.065975,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
K7X1KV6WNZ89D2F1
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
9087
impl.20220224-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame CE3B 		618 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
34e344bb779a162b9ae130839294ff618a10b9699d69ef4d1853b3f691e7e827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
79qwUn5Enk_DB5NeEid.heu4K5D9ZJ5P
content-encoding
br
etag
"b79a2e4cedae1dc05d1913225215fab5"
age
5606
x-cache
HIT
content-length
130512
x-amz-id-2
o4TjJkEgC3KYhgbM+hRwDdfR7URcjanvGl+cQDtCvLHr9vbXliEe+JlEgKsvvwZrS+qZnE91uKY=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 09:50:16 GMT
server
AmazonS3-br
x-timer
S1645702304.074385,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
K7X1KV6WNZ89D2F1
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
9088
impl.20220224-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 0D19 		618 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
34e344bb779a162b9ae130839294ff618a10b9699d69ef4d1853b3f691e7e827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
79qwUn5Enk_DB5NeEid.heu4K5D9ZJ5P
content-encoding
br
etag
"b79a2e4cedae1dc05d1913225215fab5"
age
5606
x-cache
HIT
content-length
130512
x-amz-id-2
o4TjJkEgC3KYhgbM+hRwDdfR7URcjanvGl+cQDtCvLHr9vbXliEe+JlEgKsvvwZrS+qZnE91uKY=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 09:50:16 GMT
server
AmazonS3-br
x-timer
S1645702304.074485,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
K7X1KV6WNZ89D2F1
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
9089
json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame A2F0 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=11%3A31%3A44.132&lti=deflated&data=%7B%22id%22%3A475%2C%22ii%22%3A%22%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1645698289479%2C%22vi%22%3A1645702304129%2C%22cv%22%3A%2220220224-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
43a68a4369e2d43844b5a1af07a6be64320cd9852f9e3798db23d92618580a59

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
127
date
Thu, 24 Feb 2022 11:31:44 GMT
content-encoding
gzip
server
nginx
x-timer
S1645702304.139075,VS0,VE127
x-served-by
cache-hhn4053-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
fG_s8EbShWu_9kuC.m4s
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/3000/476x270/ Frame 5395 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/3000/476x270/fG_s8EbShWu_9kuC.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C95) /
Resource Hash
08adeb4cf2a726c42cf7bd95f37b443c13d4d676779ad3f7899f3addc3c06756
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17565
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
41019
x-response-time
94
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6C95)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
fef318450915414fe96fcdd86f1c6299d5d59a1872a2b53d81fed64f4ce2f9d6
accept-ranges
bytes
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 8573 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/KLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86653213001a360e63f3fb0fbe7294299009c9d7d9bafe0f4745a1b742082187

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
wEDNuBsU_sW7PsmAROXyIUyr_uZbypR6
content-encoding
gzip
etag
"cb30f2e3c8086253de23e1fede1b5eff"
age
4443
x-cache
HIT
content-length
20213
x-amz-id-2
c2QDD0MHtBavunQfje6ZzGG711R22eQ72lViTBTt+CL8/YKIQ4QkDX0FLX6cA1eDxxYRumIfq78=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:16:33 GMT
server
AmazonS3
x-timer
S1645702304.151139,VS0,VE1
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
17FR3K7P673W4KVY
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame F665 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZDI5MTlhZGQtOWZhMC00NjAwLTkyMTUtZGI4YzA1NTk4YmM0IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlJVQklDT04ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=d2919add-9fa0-4600-9215-db8c05598bc4&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.172.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-172-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 24 Feb 2022 11:31:44 GMT
Server
nginx
json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame CE3B 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=11%3A31%3A44.164&lti=deflated&data=%7B%22id%22%3A472%2C%22ii%22%3A%22%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1645698289479%2C%22vi%22%3A1645702304129%2C%22cv%22%3A%2220220224-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1aa448019d230f01c449bf48961dbeb04c3d5b4bb130d4fe2501f9a646cc06e7

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
114
date
Thu, 24 Feb 2022 11:31:44 GMT
content-encoding
gzip
server
nginx
x-timer
S1645702304.169815,VS0,VE114
x-served-by
cache-hhn4053-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame CE3B 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame 0D19 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=11%3A31%3A44.184&lti=deflated&data=%7B%22id%22%3A38%2C%22ii%22%3A%22%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1645698289479%2C%22vi%22%3A1645702304129%2C%22cv%22%3A%2220220224-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2979db064db5a84115be4dd5e2228314616e8ded158e463fd808efe07592ea01

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
116
date
Thu, 24 Feb 2022 11:31:44 GMT
content-encoding
gzip
server
nginx
x-timer
S1645702304.188797,VS0,VE116
x-served-by
cache-hhn4053-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
impl.20220224-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 8573 		618 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
34e344bb779a162b9ae130839294ff618a10b9699d69ef4d1853b3f691e7e827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
79qwUn5Enk_DB5NeEid.heu4K5D9ZJ5P
content-encoding
br
etag
"b79a2e4cedae1dc05d1913225215fab5"
age
5606
x-cache
HIT
content-length
130512
x-amz-id-2
o4TjJkEgC3KYhgbM+hRwDdfR7URcjanvGl+cQDtCvLHr9vbXliEe+JlEgKsvvwZrS+qZnE91uKY=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 09:50:16 GMT
server
AmazonS3-br
x-timer
S1645702304.192822,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
K7X1KV6WNZ89D2F1
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
9090
oeCFyiKCibI8iPIj.m3u8
video.twimg.com/ext_tw_video/1496736341773762562/pu/pl/636x360/ Frame 5395 		2 KB
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/pl/636x360/oeCFyiKCibI8iPIj.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C48) /
Resource Hash
d8cbdf52d0cf238583186e8f86e472ad6e71e367d7aff73a653b50b02c01879a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17563
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
488
x-response-time
81
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6C48)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5b4934af6d57c16290da57826645aaa90aa80b9868a3498eadc7b4620dfdb58e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cta-component.20220224-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A2F0 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220224-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6db618fe9b91c2b6325eb396fe9f000c46e5e0c1c71bde62c37e374261b13d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SZV5x6f0AxudYdfhUFGRta6GmbiIaG0T
content-encoding
gzip
etag
"108662b8b0798a8b71f184dfcf3e9564"
age
4177
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4967
x-amz-id-2
OdEdNPjody/XwtBiYV/Ww1m9i3boY715WsBMVOzqH1WW5Q4ueSCgiqjAVWleSR4bWicgOMspzGs=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:15:34 GMT
server
AmazonS3
x-timer
S1645702304.287539,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
RQTGKBV0VE2YRCNA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
4354
userx.20220224-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A2F0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220224-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a20bb5092336278e59ee95251bba92f80fa3baef5505ec920c8f8ba9a6cc6fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Oq5dQh1j7IX2xwJWPOqV2RX2RPzEurZT
content-encoding
gzip
etag
"34c0778711734986a8e1e784e69c1e53"
age
4803
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5395
x-amz-id-2
tb37rVEIo6K0QELe3AARaxAVDRHGimeIdgDKazz5NaT8vyEgQvDUGl92IXDIbu6I4f9d1wMR/Pw=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:11:37 GMT
server
AmazonS3
x-timer
S1645702304.289424,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
SDAH80JYSMTSW4Y1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
2914
jltOJkUWtui7uhI0.mp4
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/0/636x360/ Frame 5395 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/0/636x360/jltOJkUWtui7uhI0.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C2D) /
Resource Hash
45f3d2831324a589daca35026a3e739d83f35b90da5d0b4366de433e8fcc14c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17562
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
1131
x-response-time
88
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6C2D)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5c354917c0fb93a01969f9cf3cc47a8cdc0c65c676a609e618298dfdc94827c1
accept-ranges
bytes
userx.20220224-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame CE3B 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220224-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a20bb5092336278e59ee95251bba92f80fa3baef5505ec920c8f8ba9a6cc6fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Oq5dQh1j7IX2xwJWPOqV2RX2RPzEurZT
content-encoding
gzip
etag
"34c0778711734986a8e1e784e69c1e53"
age
4803
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5395
x-amz-id-2
tb37rVEIo6K0QELe3AARaxAVDRHGimeIdgDKazz5NaT8vyEgQvDUGl92IXDIbu6I4f9d1wMR/Pw=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:11:37 GMT
server
AmazonS3
x-timer
S1645702304.325701,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
SDAH80JYSMTSW4Y1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
2915
fix-user-id
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame CE3B 		0
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/fix-user-id?lti=deflated&ri=1391e5dc3bf74dce918cdeabcbe03ee3&sd=v2_bcf9be2e4624803aec6563ed1432d9b2_624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220_1645702304_1645702304_CIi3jgYQwqxKGIGjgdzyLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&ui=624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220&pi=/klitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone&wi=-66465854427463937&pt=text&vi=1645702304129&time=1645702304318&fromUser=5295171c-12fb-4444-942e-fddd3e5f6c32-tuct910f220&toUser=624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220&fromSD=v2_b85046a22fde90fd78aaf3593ce16502_5295171c-12fb-4444-942e-fddd3e5f6c32-tuct910f220_1645702304_1645702304_CIi3jgYQwqxKGIGjgdzyLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&toSD=v2_bcf9be2e4624803aec6563ed1432d9b2_624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220_1645702304_1645702304_CIi3jgYQwqxKGIGjgdzyLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&tim=11%3A31%3A44.318&id=136&llvl=2&cv=20220224-6-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702304.326194,VS0,VE9
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
2459389b8d252fe01c57ea42cff39fd4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A2F0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2459389b8d252fe01c57ea42cff39fd4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44f443dfaee7f8cc3ce88745cbb4789e2193536d6716aed93c65e5ae3b2208c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 24 Feb 2022 11:31:44 GMT
via
1.1 varnish, 1.1 varnish
age
3016029
edge-cache-tag
428482119208658800222876680318248576721,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
428482119208658800222876680318248576721,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
177
expiration
expiry-date="Fri, 21 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2459389b8d252fe01c57ea42cff39fd4.jpg
content-length
15918
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 21 Dec 2021 10:19:25 GMT
server
nginx
x-timer
S1645702304.328293,VS0,VE1
etag
"1a8e6b0a0b326a75cbd60eade574fd13"
x-served-by
cache-bwi5035-BWI, cache-iad-kcgs7200095-IAD, cache-hhn4053-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
userx.20220224-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 0D19 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220224-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a20bb5092336278e59ee95251bba92f80fa3baef5505ec920c8f8ba9a6cc6fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Oq5dQh1j7IX2xwJWPOqV2RX2RPzEurZT
content-encoding
gzip
etag
"34c0778711734986a8e1e784e69c1e53"
age
4803
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5395
x-amz-id-2
tb37rVEIo6K0QELe3AARaxAVDRHGimeIdgDKazz5NaT8vyEgQvDUGl92IXDIbu6I4f9d1wMR/Pw=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:11:37 GMT
server
AmazonS3
x-timer
S1645702304.333809,VS0,VE0
date
Thu, 24 Feb 2022 11:31:44 GMT
vary
Accept-Encoding
x-amz-request-id
SDAH80JYSMTSW4Y1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
2916
fix-user-id
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame 0D19 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/fix-user-id?lti=deflated&ri=f101eeea79bda3dae00ec5ce7701f007&sd=v2_e508e94e85e81998c5ae3ff4dfc0a60d_81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220_1645702304_1645702304_CIi3jgYQwqxKGIGjgdzyLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&ui=81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220&pi=/klitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone&wi=-66465854427463937&pt=text&vi=1645702304129&time=1645702304326&fromUser=624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220&toUser=81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220&fromSD=v2_bcf9be2e4624803aec6563ed1432d9b2_624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220_1645702304_1645702304_CIi3jgYQwqxKGIGjgdzyLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&toSD=v2_e508e94e85e81998c5ae3ff4dfc0a60d_81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220_1645702304_1645702304_CIi3jgYQwqxKGIGjgdzyLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&tim=11%3A31%3A44.326&id=4155&llvl=2&cv=20220224-6-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702304.334069,VS0,VE9
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk-metrics
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame CE3B 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame 0D19 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17e52ef4f8d793e26ef6578dc8cba66ccae0f18f0ee19a5157587bc2f161159f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 24 Feb 2022 11:31:44 GMT
via
1.1 varnish, 1.1 varnish
age
243428
edge-cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
722
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
content-length
10492
x-request-id
01ba301b0840c01ae0246b88bd8bf7de
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 21 Feb 2022 15:18:21 GMT
server
nginx
x-timer
S1645702304.347029,VS0,VE1
etag
"3f5ce78b5d2df90907526edbd3f9f181"
x-served-by
cache-bwi5067-BWI, cache-iad-kcgs7200104-IAD, cache-hhn4053-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame A2F0 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=11%3A31%3A44.344&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6605&cv=20220224-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13189
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame CE3B 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=11%3A31%3A44.345&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4829&cv=20220224-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13289
xENgyQxjRQ7jAwxY.m4s
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/3000/636x360/ Frame 5395 		96 KB
96 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/0/3000/636x360/xENgyQxjRQ7jAwxY.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB6) /
Resource Hash
bc329dc2bce8e046cea95a8541cf350bc1f1ae5601dda209aa046c50819df254
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17562
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
97862
x-response-time
91
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6CB6)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ca239bc3413c99a2dda1981a940e1b5e6c07da4567da2838d39929f6987ad035
accept-ranges
bytes
2459389b8d252fe01c57ea42cff39fd4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A2F0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2459389b8d252fe01c57ea42cff39fd4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44f443dfaee7f8cc3ce88745cbb4789e2193536d6716aed93c65e5ae3b2208c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 24 Feb 2022 11:31:44 GMT
via
1.1 varnish, 1.1 varnish
age
3016029
edge-cache-tag
428482119208658800222876680318248576721,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
428482119208658800222876680318248576721,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
177
expiration
expiry-date="Fri, 21 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2459389b8d252fe01c57ea42cff39fd4.jpg
content-length
15918
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 21 Dec 2021 10:19:25 GMT
server
nginx
x-timer
S1645702304.352594,VS0,VE0
etag
"1a8e6b0a0b326a75cbd60eade574fd13"
x-served-by
cache-bwi5035-BWI, cache-iad-kcgs7200095-IAD, cache-hhn4053-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame 0D19 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=11%3A31%3A44.351&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2520&cv=20220224-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13289
349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame 0D19 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17e52ef4f8d793e26ef6578dc8cba66ccae0f18f0ee19a5157587bc2f161159f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 24 Feb 2022 11:31:44 GMT
via
1.1 varnish, 1.1 varnish
age
243428
edge-cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
722
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
content-length
10492
x-request-id
01ba301b0840c01ae0246b88bd8bf7de
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 21 Feb 2022 15:18:21 GMT
server
nginx
x-timer
S1645702304.366067,VS0,VE0
etag
"3f5ce78b5d2df90907526edbd3f9f181"
x-served-by
cache-bwi5067-BWI, cache-iad-kcgs7200104-IAD, cache-hhn4053-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
ZYnwplrR_lSJ0Ev9.m4s
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/3000/6000/636x360/ Frame 5395 		96 KB
97 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/3000/6000/636x360/ZYnwplrR_lSJ0Ev9.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA1) /
Resource Hash
bd150d3628b16bb74bd0eaa4e819d6c3d440bd98be45997c1c91cae8db281265
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17562
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
content-length
98694
x-response-time
90
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6CA1)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9ecee7ca6878f7a85d440508148329678d1f9eb8fc575a949a2dad19ada69d27
accept-ranges
bytes
json
trc.taboola.com/gazetaexpress160x600gr-r18287011/trc/3/ Frame 2B26 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/trc/3/json?tim=11%3A31%3A44.464&lti=deflated&data=%7B%22id%22%3A130%2C%22ii%22%3A%22%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%2281560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220%22%2C%22uifp%22%3A%2281560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220%22%2C%22lbt%22%3A1645698529548%2C%22vi%22%3A1645702304129%2C%22cv%22%3A%2220220224-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A160%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A160%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287011%22%2C%22orig_uip%22%3A%2218287011%22%2C%22cd%22%3A0%2C%22mw%22%3A160%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2C18287011%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95da1d77c8bc2b4b9e0ee65e65839200f28ecbdfe3aad3142094712aa10c1800

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
94
date
Thu, 24 Feb 2022 11:31:44 GMT
content-encoding
gzip
server
nginx
x-timer
S1645702304.468883,VS0,VE94
x-served-by
cache-hhn4053-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
VfGHPeo6RF9W-mRq.m4s
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/6000/9000/636x360/ Frame 5395 		88 KB
88 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/6000/9000/636x360/VfGHPeo6RF9W-mRq.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C27) /
Resource Hash
15d1ae441e2e1dc89be7c2917f81a596d4da5dac3683df966ab204eb8e3851a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17561
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
89780
x-response-time
91
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6C27)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
aea5124aad8a3e63b801e5e08c2d581c274f280023e03ce4a65db3d7a70bcf23
accept-ranges
bytes
graphql
s333.adxpremium.services/ 		0
0
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
date
Thu, 24 Feb 2022 11:31:44 GMT
content-length
0
GsTP1OD0SD2P13tX.m4s
video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/9000/12000/636x360/ Frame 5395 		97 KB
97 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1496736341773762562/pu/vid/9000/12000/636x360/GsTP1OD0SD2P13tX.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.9ab6bebed66769d2068b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC6) /
Resource Hash
da27efdd8f79b8ae18b91e1a0e522b138b20b3632bb9c9c77e20adbc4a9713e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
x-content-type-options
nosniff
age
17562
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
99112
x-response-time
98
surrogate-key
ext_tw_video ext_tw_video/bucket/9 ext_tw_video/1496736341773762562
last-modified
Thu, 24 Feb 2022 06:36:46 GMT
server
ECAcc (mil/6CC6)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
f8bca2ed7fa2b5d4f4ed72869658e1ae0310ebe9e38282a479a033d205539106
accept-ranges
bytes
debug
am-trc-events.taboola.com/gazetaexpress160x600gr-r18287011/log/2/ Frame 2B26 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress160x600gr-r18287011/log/2/debug?tim=11%3A31%3A44.571&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-a&llvl=2&id=8501&cv=20220224-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19006
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 8573 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=11%3A31%3A44.914&lti=deflated&data=%7B%22id%22%3A441%2C%22ii%22%3A%22%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%2281560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220%22%2C%22uifp%22%3A%2281560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220%22%2C%22lbt%22%3A1645697777651%2C%22vi%22%3A1645702304129%2C%22cv%22%3A%2220220224-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fklitschko-paraqitet-nga-ukraina-ne-jemi-ne-lufte-dhe-luftojme-per-vendin-tone%2C18287006%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c39e1caee8b43229341015f206fcb45e6701c004cea3d9fca2057a73bcca526

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
147
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
server
nginx
x-timer
S1645702305.922479,VS0,VE147
x-served-by
cache-hhn4053-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
userx.20220224-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 8573 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220224-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a20bb5092336278e59ee95251bba92f80fa3baef5505ec920c8f8ba9a6cc6fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Oq5dQh1j7IX2xwJWPOqV2RX2RPzEurZT
content-encoding
gzip
etag
"34c0778711734986a8e1e784e69c1e53"
age
4804
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5395
x-amz-id-2
tb37rVEIo6K0QELe3AARaxAVDRHGimeIdgDKazz5NaT8vyEgQvDUGl92IXDIbu6I4f9d1wMR/Pw=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 24 Feb 2022 10:11:37 GMT
server
AmazonS3
x-timer
S1645702305.089345,VS0,VE0
date
Thu, 24 Feb 2022 11:31:45 GMT
vary
Accept-Encoding
x-amz-request-id
SDAH80JYSMTSW4Y1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
2917
friend-Carries-friends-baby-11.jpg-84140.JPG%3Fwidth%3D1200%26height%3D628
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.giveitlove.com/wp-content/uploads/2018/10/ Frame 8573 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.giveitlove.com/wp-content/uploads/2018/10/friend-Carries-friends-baby-11.jpg-84140.JPG%3Fwidth%3D1200%26height%3D628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8255d2b282e35c86eb8e27322381996db6fe6cf040c316c0ed05976dfabf48a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 24 Feb 2022 11:31:45 GMT
via
1.1 varnish, 1.1 varnish
age
2581519
edge-cache-tag
329758051067274607887774884630569088579,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
cache-tag
329758051067274607887774884630569088579,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-envoy-upstream-service-time
356
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.giveitlove.com/wp-content/uploads/2018/10/friend-Carries-friends-baby-11.jpg-84140.JPG%3Fwidth%3D1200%26height%3D628
content-length
3296
x-request-id
af6be3939d042cd058419ca156425448
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 25 Jan 2022 12:01:40 GMT
server
nginx
x-timer
S1645702305.102792,VS0,VE1
etag
"01fdfea5779164daba51212027b82584"
x-served-by
cache-bwi5040-BWI, cache-iad-kjyo7100105-IAD, cache-hhn4053-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame 8573 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=11%3A31%3A45.102&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5401&cv=20220224-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18192
friend-Carries-friends-baby-11.jpg-84140.JPG%3Fwidth%3D1200%26height%3D628
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.giveitlove.com/wp-content/uploads/2018/10/ Frame 8573 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.giveitlove.com/wp-content/uploads/2018/10/friend-Carries-friends-baby-11.jpg-84140.JPG%3Fwidth%3D1200%26height%3D628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8255d2b282e35c86eb8e27322381996db6fe6cf040c316c0ed05976dfabf48a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 24 Feb 2022 11:31:45 GMT
via
1.1 varnish, 1.1 varnish
age
2581519
edge-cache-tag
329758051067274607887774884630569088579,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
cache-tag
329758051067274607887774884630569088579,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-envoy-upstream-service-time
356
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.giveitlove.com/wp-content/uploads/2018/10/friend-Carries-friends-baby-11.jpg-84140.JPG%3Fwidth%3D1200%26height%3D628
content-length
3296
x-request-id
af6be3939d042cd058419ca156425448
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 25 Jan 2022 12:01:40 GMT
server
nginx
x-timer
S1645702305.133077,VS0,VE0
etag
"01fdfea5779164daba51212027b82584"
x-served-by
cache-bwi5040-BWI, cache-iad-kjyo7100105-IAD, cache-hhn4053-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
syncframe
gum.criteo.com/ Frame 2E90 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3090
date
Thu, 24 Feb 2022 11:31:44 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		90 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
sid
mug.criteo.com/ Frame 2E90
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=4Rlby3xqaTl2azl1eUFyUUw4WUttaHY2bHI0UE41bGR3dmtxa29reHlnWE1JTkNtZUN1M2NiVVUvcTZNNnFqL2h3MmZuMUNVSmp6T3FWL3hHVXFFQ1p6N2RvQTdPWkt4NC80N2pWa1k4R2ppVlJTbVNQbmludXNqRkQvUF...
430 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4Rlby3xqaTl2azl1eUFyUUw4WUttaHY2bHI0UE41bGR3dmtxa29reHlnWE1JTkNtZUN1M2NiVVUvcTZNNnFqL2h3MmZuMUNVSmp6T3FWL3hHVXFFQ1p6N2RvQTdPWkt4NC80N2pWa1k4R2ppVlJTbVNQbmludXNqRkQvUFRCcWt0Mk43UzBBK3VIbGtuOERZcmttTUthYTg1WXlleTNvYk8vYTBuUkhkMWwrbWNUQUdtdVhSQndqSWlPMFFQQzExQkRwblhiemJpNlhtaEd4ZG80SE9RMVRlV0hyc2VQT0toZngrSmV6M1Rka1BQRDNoeCt3aTlJR0JnWVFBQVNOREdIc1A2Q0VVOHp4Q1pQOXJkUVZRNHFHOFkwUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2b314da9158594470402a727c0a8c5cccdf8298eed6697fb59bba7c03a8168f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3529
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:44 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=4Rlby3xqaTl2azl1eUFyUUw4WUttaHY2bHI0UE41bGR3dmtxa29reHlnWE1JTkNtZUN1M2NiVVUvcTZNNnFqL2h3MmZuMUNVSmp6T3FWL3hHVXFFQ1p6N2RvQTdPWkt4NC80N2pWa1k4R2ppVlJTbVNQbmludXNqRkQvUFRCcWt0Mk43UzBBK3VIbGtuOERZcmttTUthYTg1WXlleTNvYk8vYTBuUkhkMWwrbWNUQUdtdVhSQndqSWlPMFFQQzExQkRwblhiemJpNlhtaEd4ZG80SE9RMVRlV0hyc2VQT0toZngrSmV6M1Rka1BQRDNoeCt3aTlJR0JnWVFBQVNOREdIc1A2Q0VVOHp4Q1pQOXJkUVZRNHFHOFkwUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1901
content-length
541
expires
0
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame A2F0 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702305.322093,VS0,VE9
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame CE3B 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702305.336901,VS0,VE9
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame 0D19 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702305.339514,VS0,VE9
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame A2F0 		254 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
15452
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1645702305.349503,VS0,VE0
date
Thu, 24 Feb 2022 11:31:45 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
10
x-cache-hits
8933
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 0D19 		254 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
15452
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1645702305.367693,VS0,VE0
date
Thu, 24 Feb 2022 11:31:45 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
10
x-cache-hits
8934
check.html
biddr.brealtime.com/ Frame C15B 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Thu, 24 Feb 2022 11:31:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
NDl4zV72Ah2L/2ecv/Z/EpP2mX2SRreIrvnUyth+WQgC1PDnAVXL2h19HebxNhbZU+z/5/z0XfQ=
x-amz-request-id
3VMCVX9Y71Z88CX2
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
1344
Expires
Thu, 24 Feb 2022 11:32:45 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6e285e91bee35b86-FRA
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame AFBC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Feb 2022 11:31:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame AFBC 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 11:31:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14526
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9760
Expires
Thu, 24 Feb 2022 15:33:51 GMT
bulk
trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/ Frame 2B26 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702306.578260,VS0,VE10
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6BB0 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0196 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
logo-one.png
www.gazetaexpress.com/webads/onefor/960x200/ Frame DAB9 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/webads/onefor/960x200/logo-one.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef36d3e34b930ad3353f5ef5da59ff015b1954c2091c0f84b3f2e178f093ace

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public, public
date
Thu, 24 Feb 2022 11:31:45 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Feb 2022 14:58:04 GMT
server
cloudflare
age
160292
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XlHSqL%2FLfW%2Fe7bZImpJhR%2BSK3tjisYtdiHfpYyPa7rIYiCacswJ3cJliMo%2FHBnwGnCW%2B7Ee54stTcnCADdlkwmhbegQJv63yxFCc43trLnxVc%2B3ffWKpylrHYE3ro94Njc%2BvV09cQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e92bba5915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 04 Mar 2022 15:00:13 GMT
300.png
www.gazetaexpress.com/webads/onefor/960x200/ Frame DAB9 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/webads/onefor/960x200/300.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6045966d65c172b7ae03892afff4a83a922ef3fe27dedec338922069be988d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/webads/onefor/960x200/index.html?utm_source=Gazeta+Express
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public, public
date
Thu, 24 Feb 2022 11:31:45 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Feb 2022 14:58:03 GMT
server
cloudflare
age
160292
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpAkV4eGbeWGmji%2BcakWHzL2mVWUY5LO6GnzmGmqPFD%2BBkqSyqa55m6Ul6qWeHKJfPopN0CABftNGQ3GUoLJ3ydI0Tm8QE4yHzNFPlvPnLXwbk4zMHwHCy8qbSc1%2Byv0Cj%2Bw%2BEf15r8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e285e92bbaa915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 04 Mar 2022 15:00:13 GMT
syncframe
gum.criteo.com/ Frame 4200 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3201
date
Thu, 24 Feb 2022 11:31:45 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame DCB8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3469
date
Thu, 24 Feb 2022 11:31:45 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame 4200
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=FxwoH19IRFo1VE1BQnklMkJIcE1RajJkUVA4NlZqWHJPV0ZZWUdkRSUyRlR6...
  • https://mug.criteo.com/sid?cpp=6vhyGXxZdndyVmxkN3diTzFtZThacUFQL0k5eVErMkdkRE5qSE1ib09BNTQ1VVBqWU84RDJLVjJwdjBXeWN3NzJ5WllzZUovbnFZL3NVZzdLdlhPMm9KSEVkbzR4c3BGWXNEZXpOQWo0Y211M1JLNEE2REgvbnJJR25hNH...
438 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6vhyGXxZdndyVmxkN3diTzFtZThacUFQL0k5eVErMkdkRE5qSE1ib09BNTQ1VVBqWU84RDJLVjJwdjBXeWN3NzJ5WllzZUovbnFZL3NVZzdLdlhPMm9KSEVkbzR4c3BGWXNEZXpOQWo0Y211M1JLNEE2REgvbnJJR25hNHE2NFF3QW9QMTFrUlhGekY1OTY0NHovbWNobHA3Q1pzendzWkQ0MWZZaEx6TEJYUkN6dWxwRytoY3pObVNpR2RTVDRYMW5oYU1kZGJidVBUWVB4alFwbzdDZEdweU80Z1VuUFpKd2UzYldEcFR6SXhPRmo4clB4S1c0dk9UUnRqTTRLTDlMREFTM2pMMDRidGZiaVlOMTBSNkNVK0lMNzdFTFR1YnFycDVkZkp6VU9jeFJRRT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
661f07b362b89620cf5f7f4155b007439568f5ed71e2025a12fd670522aa93aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3635
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=6vhyGXxZdndyVmxkN3diTzFtZThacUFQL0k5eVErMkdkRE5qSE1ib09BNTQ1VVBqWU84RDJLVjJwdjBXeWN3NzJ5WllzZUovbnFZL3NVZzdLdlhPMm9KSEVkbzR4c3BGWXNEZXpOQWo0Y211M1JLNEE2REgvbnJJR25hNHE2NFF3QW9QMTFrUlhGekY1OTY0NHovbWNobHA3Q1pzendzWkQ0MWZZaEx6TEJYUkN6dWxwRytoY3pObVNpR2RTVDRYMW5oYU1kZGJidVBUWVB4alFwbzdDZEdweU80Z1VuUFpKd2UzYldEcFR6SXhPRmo4clB4S1c0dk9UUnRqTTRLTDlMREFTM2pMMDRidGZiaVlOMTBSNkNVK0lMNzdFTFR1YnFycDVkZkp6VU9jeFJRRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1979
content-length
567
expires
0
sid
mug.criteo.com/ Frame DCB8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=FxwoH19IRFo1VE1BQnklMkJIcE1RajJkUVA4NlZqWHJPV0ZZWUdkRSUyRlR6...
  • https://mug.criteo.com/sid?cpp=DIL_xnxUVy92dnNKaFRoelZmd2lqc3pCZU9BbFpvT1FjNlZqODFSQjFKaUJyREgrWFpLYXZYUk9OZmdzMGNoTU9DZGxTSTBKd0pKNXg4d0JkVHgrT2s0UnVVcVcxeWl1SlVjNzlyY0lORTR6andWYnFxWnlyc3BNVmd0Z1...
425 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DIL_xnxUVy92dnNKaFRoelZmd2lqc3pCZU9BbFpvT1FjNlZqODFSQjFKaUJyREgrWFpLYXZYUk9OZmdzMGNoTU9DZGxTSTBKd0pKNXg4d0JkVHgrT2s0UnVVcVcxeWl1SlVjNzlyY0lORTR6andWYnFxWnlyc3BNVmd0Z1BMYmw5MXlVeVJXVG9lZjNBbEFoU082ZEZXT21FZHB2Wm5ZZFBCaTB2WC9KS1RUTTJ1N0FyeW44b1IzcGpjcjhXMWw1WGg2NXJub1R6Mk9iOEZwYVpIeERMdmxGckc1WjJYeGZFWW5HUlV3SXhOemt1UUlkZllTMjJBdlpTbkRLNlloajZMTkdiVHEzMFVWL3NuR2x6eHByenpob1hNWHpnYnBDSEc3TThzMERvQm5QbmVKcz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
721aa07f7ab479d6074200d71c3533dbc117499fdfa8f5a455096df58ce482f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3622
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=DIL_xnxUVy92dnNKaFRoelZmd2lqc3pCZU9BbFpvT1FjNlZqODFSQjFKaUJyREgrWFpLYXZYUk9OZmdzMGNoTU9DZGxTSTBKd0pKNXg4d0JkVHgrT2s0UnVVcVcxeWl1SlVjNzlyY0lORTR6andWYnFxWnlyc3BNVmd0Z1BMYmw5MXlVeVJXVG9lZjNBbEFoU082ZEZXT21FZHB2Wm5ZZFBCaTB2WC9KS1RUTTJ1N0FyeW44b1IzcGpjcjhXMWw1WGg2NXJub1R6Mk9iOEZwYVpIeERMdmxGckc1WjJYeGZFWW5HUlV3SXhOemt1UUlkZllTMjJBdlpTbkRLNlloajZMTkdiVHEzMFVWL3NuR2x6eHByenpob1hNWHpnYnBDSEc3TThzMERvQm5QbmVKcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2108
content-length
567
expires
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame AA8E 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
syncframe
gum.criteo.com/ Frame 5D85 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2966
date
Thu, 24 Feb 2022 11:31:45 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame F665 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame AB44 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
sid
mug.criteo.com/ Frame 5D85
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3...
  • https://mug.criteo.com/sid?cpp=AGHJiHxuanBNeU9WTnZHazZyeENqRU9HSmxNb1c1Q2dLcWRMV1RlSEFBY25FSVA2eExSUWVNdEhnbWt0UTRnTTAzb3hlU1FkbzJJSmdMRVZTc1h0S1l4eS9WMk10cUtlYWpFYnZ0NVh0Zkk0RS84RGlwUnR3YVJoZmNxQW...
417 B
626 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=AGHJiHxuanBNeU9WTnZHazZyeENqRU9HSmxNb1c1Q2dLcWRMV1RlSEFBY25FSVA2eExSUWVNdEhnbWt0UTRnTTAzb3hlU1FkbzJJSmdMRVZTc1h0S1l4eS9WMk10cUtlYWpFYnZ0NVh0Zkk0RS84RGlwUnR3YVJoZmNxQW5tbGVBd01WdnlKdm8xWGR6SlR1QWdjclVLZklWM3QzeElpbUpCcGQxKzJRMTRXNk1sRnVuOXJCeXU0YTlLNmVpdmlqT05JdndPQzI5NDZVRnNPcWZwRk9FRFVPcTc1d3BZYTBoV1ROeEd3azRKUTFIS2xjNjl0dUFMcU9iRzFVNjJEVTZ6RU9VaDJpTXd4NGU0SWhuc1M1MGdrTUJDR2hjdG45aDQvUlhEWmxHTFRYd0dMOD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a0306b0fea0e167153e37ec9470200d3394d48cc8870250e772061ad4c1046b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3737
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:44 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=AGHJiHxuanBNeU9WTnZHazZyeENqRU9HSmxNb1c1Q2dLcWRMV1RlSEFBY25FSVA2eExSUWVNdEhnbWt0UTRnTTAzb3hlU1FkbzJJSmdMRVZTc1h0S1l4eS9WMk10cUtlYWpFYnZ0NVh0Zkk0RS84RGlwUnR3YVJoZmNxQW5tbGVBd01WdnlKdm8xWGR6SlR1QWdjclVLZklWM3QzeElpbUpCcGQxKzJRMTRXNk1sRnVuOXJCeXU0YTlLNmVpdmlqT05JdndPQzI5NDZVRnNPcWZwRk9FRFVPcTc1d3BZYTBoV1ROeEd3azRKUTFIS2xjNjl0dUFMcU9iRzFVNjJEVTZ6RU9VaDJpTXd4NGU0SWhuc1M1MGdrTUJDR2hjdG45aDQvUlhEWmxHTFRYd0dMOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2257
content-length
567
expires
0
syncframe
gum.criteo.com/ Frame 6F70 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4222
date
Thu, 24 Feb 2022 11:31:45 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 231E 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Feb 2022 11:31:45 GMT
syncframe
gum.criteo.com/ Frame D189 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2708
date
Thu, 24 Feb 2022 11:31:45 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame 08C8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3052
date
Thu, 24 Feb 2022 11:31:45 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame 6F70
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3...
  • https://mug.criteo.com/sid?cpp=hFxQznw2THZFdHI5eU9jdDJlS052WkRUbmUrV21KWGIzcythdFo5K2cxeFRzdXVUTVE5dlA5bm4yV0JrUStOVUx1bHlLeWR6dTduNEg2L2hQQXd1UGpqSS9UbE02S1krNmZXSkxOc0MrNzI5Ulc0MGxDLzZrRDJlck9qSj...
443 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hFxQznw2THZFdHI5eU9jdDJlS052WkRUbmUrV21KWGIzcythdFo5K2cxeFRzdXVUTVE5dlA5bm4yV0JrUStOVUx1bHlLeWR6dTduNEg2L2hQQXd1UGpqSS9UbE02S1krNmZXSkxOc0MrNzI5Ulc0MGxDLzZrRDJlck9qSjZrL0YxdHB6dUlSaVB6K3QxdlhuYm4rWVRRa0hRWGY1cVNNeVBLNVZIYUdRRjBBdlgyRWZjQVpMMHJkZnNMZjdabVQ2OVY0Umw1a2VpL3A0L2l4THE0a3h2d0lveFZLQ1lZV1ErZzZVRWJBVnFXaW41OTQrY1psNWhPaDZJbFh6bUlWSWF5NzNzTTdlVGlWcjBFTzhRM2FYdEd2NXI4SWtrMzZocVMxYWRzc3J6bU9pWkdVOD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
366623e43cfee4bf0d50bedc9a2af705c1d12da4a03689b4995cade024ea7cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3354
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=hFxQznw2THZFdHI5eU9jdDJlS052WkRUbmUrV21KWGIzcythdFo5K2cxeFRzdXVUTVE5dlA5bm4yV0JrUStOVUx1bHlLeWR6dTduNEg2L2hQQXd1UGpqSS9UbE02S1krNmZXSkxOc0MrNzI5Ulc0MGxDLzZrRDJlck9qSjZrL0YxdHB6dUlSaVB6K3QxdlhuYm4rWVRRa0hRWGY1cVNNeVBLNVZIYUdRRjBBdlgyRWZjQVpMMHJkZnNMZjdabVQ2OVY0Umw1a2VpL3A0L2l4THE0a3h2d0lveFZLQ1lZV1ErZzZVRWJBVnFXaW41OTQrY1psNWhPaDZJbFh6bUlWSWF5NzNzTTdlVGlWcjBFTzhRM2FYdEd2NXI4SWtrMzZocVMxYWRzc3J6bU9pWkdVOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1998
content-length
567
expires
0
sid
mug.criteo.com/ Frame D189
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3...
  • https://mug.criteo.com/sid?cpp=RMWtWXxVb2dwdFQyV2RxcjVRVDI1Z1d5cmtZNzlYZlM5UlVOUEdPME9RUlBoZW9zQUdsVExHV1ZvZFBITFBDRkNwMFhSNWZ1N2U4S3QyaG80N3UvM1hxOVF3dU9WN2E5a01QbDF1QTgvM00wK3hCbmRXSExBRXVPMFM5ZG...
443 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RMWtWXxVb2dwdFQyV2RxcjVRVDI1Z1d5cmtZNzlYZlM5UlVOUEdPME9RUlBoZW9zQUdsVExHV1ZvZFBITFBDRkNwMFhSNWZ1N2U4S3QyaG80N3UvM1hxOVF3dU9WN2E5a01QbDF1QTgvM00wK3hCbmRXSExBRXVPMFM5ZGZKcVZjUS9LeFdUdG1Jc1FvZjkvZUNjUGxBVUdFSjVEekUwZDZUN0daMWxpV0E0V3pzTGVDeVNpcEhPSmhwL3UzR2t4WkJXckZwQWNRdXUwRWc4LzhtTUpLNTBBOEhLWnB1aUIrbUR4M1ZZOCtWTGRjdS85dnpzSXBFcnlqTGphTFR6UjVBRlRwMHJMUjVrOG04cnd5UUJwS3lUbzZkWEJZalF3K0tHL0FkNS8xcG9PV3o2ST18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e5617f1b656841f411c17fc96806b5bbc9bc925a9eb68e6bc95a4212e898ba34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3390
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=RMWtWXxVb2dwdFQyV2RxcjVRVDI1Z1d5cmtZNzlYZlM5UlVOUEdPME9RUlBoZW9zQUdsVExHV1ZvZFBITFBDRkNwMFhSNWZ1N2U4S3QyaG80N3UvM1hxOVF3dU9WN2E5a01QbDF1QTgvM00wK3hCbmRXSExBRXVPMFM5ZGZKcVZjUS9LeFdUdG1Jc1FvZjkvZUNjUGxBVUdFSjVEekUwZDZUN0daMWxpV0E0V3pzTGVDeVNpcEhPSmhwL3UzR2t4WkJXckZwQWNRdXUwRWc4LzhtTUpLNTBBOEhLWnB1aUIrbUR4M1ZZOCtWTGRjdS85dnpzSXBFcnlqTGphTFR6UjVBRlRwMHJMUjVrOG04cnd5UUJwS3lUbzZkWEJZalF3K0tHL0FkNS8xcG9PV3o2ST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2049
content-length
567
expires
0
sid
mug.criteo.com/ Frame 08C8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=Uv77iV9IRFo1VE1BQnklMkJIcE1RajJkUVA4NmZ0STFJMlNrenF1d0kzdWY3...
  • https://mug.criteo.com/sid?cpp=cJlgjnxiNVovQlBBYW9ZRTFXRlZuK21mTUlmR0RHYkVjZTJ3QzBlUWs2bUloK3BjMWJqYmREb01uayswZklSMkp4d2dmSjBwVlVtbTU2TmwrZ3g5YWZ6cDdxZHFSYXR0QW5XdWpRN1hqTTJnZy9nR01SZURQanFUb0RhRE...
438 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=cJlgjnxiNVovQlBBYW9ZRTFXRlZuK21mTUlmR0RHYkVjZTJ3QzBlUWs2bUloK3BjMWJqYmREb01uayswZklSMkp4d2dmSjBwVlVtbTU2TmwrZ3g5YWZ6cDdxZHFSYXR0QW5XdWpRN1hqTTJnZy9nR01SZURQanFUb0RhRE1NTlhmVDN0R1VRSTBPSlpaaytPSEFZZnQ1WXRqZC9QQ2pwby9CM0lDVG9SemNGemRZTDkyY0JSbDgvVmh3clNjTjNJN1B0aXRkeCt0ZHpOVmNoVHpGYU5KOUM3U0VCNmlxY2lZdlVTZGxvbHdLT3dXRUc2cXJXcURnZkFnenViOUJWZFdHcldXQXV4YS9pTFEwRnhnRnVkYXllSnpaLzRhVUtrSnArdGo2VGRuRWJpa0tTOD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
dd5668f6c5c90d949387fa704040523612385d3e3782d4e9e4dd6b2134fdd52b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4117
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:45 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=cJlgjnxiNVovQlBBYW9ZRTFXRlZuK21mTUlmR0RHYkVjZTJ3QzBlUWs2bUloK3BjMWJqYmREb01uayswZklSMkp4d2dmSjBwVlVtbTU2TmwrZ3g5YWZ6cDdxZHFSYXR0QW5XdWpRN1hqTTJnZy9nR01SZURQanFUb0RhRE1NTlhmVDN0R1VRSTBPSlpaaytPSEFZZnQ1WXRqZC9QQ2pwby9CM0lDVG9SemNGemRZTDkyY0JSbDgvVmh3clNjTjNJN1B0aXRkeCt0ZHpOVmNoVHpGYU5KOUM3U0VCNmlxY2lZdlVTZGxvbHdLT3dXRUc2cXJXcURnZkFnenViOUJWZFdHcldXQXV4YS9pTFEwRnhnRnVkYXllSnpaLzRhVUtrSnArdGo2VGRuRWJpa0tTOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1760
content-length
567
expires
0
visible
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 8573 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702306.096200,VS0,VE10
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 8573 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1645702306.096386,VS0,VE9
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 8573 		254 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
15453
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1645702306.115733,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
10
x-cache-hits
8935
cds-pips.js
cdn.taboola.com/scripts/ Frame A2F0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2420
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645702306.276628,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
6288
eid.js
cdn.taboola.com/scripts/ Frame A2F0 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
8138
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4053-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645702306.276789,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
19253
/
pips.taboola.com/ Frame A2F0 		64 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
bb85b132d27b1108689580228e1f8a131d0eb8877e5c11b28935155fb02a548f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6935-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/ Frame CE3B 		2 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2420
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645702306.322542,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
6289
eid.js
cdn.taboola.com/scripts/ Frame CE3B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
8138
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4053-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645702306.322652,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
19254
cds-pips.js
cdn.taboola.com/scripts/ Frame 0D19 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2420
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645702306.331351,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
6290
eid.js
cdn.taboola.com/scripts/ Frame 0D19 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
8138
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4053-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645702306.331425,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
19255
/
pips.taboola.com/ Frame CE3B 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
bb85b132d27b1108689580228e1f8a131d0eb8877e5c11b28935155fb02a548f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6935-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
pips.taboola.com/ Frame 0D19 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
bb85b132d27b1108689580228e1f8a131d0eb8877e5c11b28935155fb02a548f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6935-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame A2F0 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=5295171c-12fb-4444-942e-fddd3e5f6c32-tuct910f220&uad=876e045f2d3bc5aa07d93f39c30f45e3b6bc27102d919466a5f9f93a5a6502d0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 24 Feb 2022 11:31:46 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame CE3B 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=624f217f-bcd8-4de8-a004-8acf88e00389-tuct910f220&uad=876e045f2d3bc5aa07d93f39c30f45e3b6bc27102d919466a5f9f93a5a6502d0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 24 Feb 2022 11:31:46 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame 0D19 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220&uad=876e045f2d3bc5aa07d93f39c30f45e3b6bc27102d919466a5f9f93a5a6502d0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 24 Feb 2022 11:31:46 GMT
Cache-Control
no-store
Server
nginx
Connection
close
cds-pips.js
cdn.taboola.com/scripts/ Frame 2B26 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2420
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645702307.577110,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
6292
eid.js
cdn.taboola.com/scripts/ Frame 2B26 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
8139
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4053-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645702307.577240,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
19257
ifs.js
cdn.taboola.com/scripts/ Frame 2B26 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/ifs.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cc944ab48bfe65fba34b72bca00df781e01d86cc03d7b198cdb05749c6f6979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
aYLDhgvwwa472gRnvlfvR1v6pGE8dkzl
content-encoding
gzip
etag
"1e19fe66122d95feff923323e304da54"
age
27536
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
822
x-amz-id-2
OBTIWXA+v+QGSsBa2gOej7KxOoQKDgqHRlv794kgDYXkiNj5kJ2EIolZv+EyPCsUg75vIRjrwpU=
x-served-by
cache-hhn4053-HHN
last-modified
Mon, 24 Jan 2022 13:29:17 GMT
server
AmazonS3
x-timer
S1645702307.577348,VS0,VE0
date
Thu, 24 Feb 2022 11:31:46 GMT
vary
Accept-Encoding
x-amz-request-id
YHH8KDYKEC62EZ22
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
5165
/
pips.taboola.com/ Frame 2B26 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
bb85b132d27b1108689580228e1f8a131d0eb8877e5c11b28935155fb02a548f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6935-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
tsdtocl.com/ Frame 08BF 		786 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tsdtocl.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

x-amz-id-2
7/fybOjOGE9ySAbpdSzEHsrdP3Shrv26K8rBIL/sdmMfOS1+AmI0UG/qi+QDMh0tAkMKP8sYwZY=
x-amz-request-id
H53CXRSRMBMC2C7H
x-amz-replication-status
COMPLETED
last-modified
Wed, 05 Jan 2022 19:36:57 GMT
etag
"fb5a4594b9ffef704d61bb6e6f80f145"
x-amz-version-id
Qk4nobcRRphLiqVWi0NeSs0dand8kap0
content-type
text/html
server
AmazonS3
accept-ranges
bytes
date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 varnish
age
3032
x-served-by
cache-hhn4061-HHN
x-cache
HIT
x-cache-hits
4167
x-timer
S1645702307.625511,VS0,VE0
content-length
786
/
cds.taboola.com/ Frame 2B26 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220&uad=876e045f2d3bc5aa07d93f39c30f45e3b6bc27102d919466a5f9f93a5a6502d0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 24 Feb 2022 11:31:46 GMT
Cache-Control
no-store
Server
nginx
Connection
close
pd
u.openx.net/w/1.0/ Frame 0196 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0196
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDBBODlEQ0ItMjMwMS00MEQxLThFNzktM0Q5RjdEQzQ1NTYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 23 Feb 2022 11:31:47 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Thu, 24 Feb 2022 11:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 0196
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubmatic
um.simpli.fi/ Frame 6BB0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEIwNUZENDctNzEyQi00REM4LTkyQjctNDRENEQxMjM5NkNE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 23 Feb 2022 11:31:47 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Thu, 24 Feb 2022 11:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
pd
u.openx.net/w/1.0/ Frame 6BB0 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6BB0
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubmatic
um.simpli.fi/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTU4NjQ3MTItQjQ2RS00QURGLTg5MDAtNEY2OUM3RjY2OUQ0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 23 Feb 2022 11:31:47 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Thu, 24 Feb 2022 11:31:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
pd
u.openx.net/w/1.0/ 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuidmid=7976&xuid=QYBcbUqfp&dongle=u6nf
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=QYBcbUqfp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=QYBcbUqfp&dongle=u6nf
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:47 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=QYBcbUqfp&dongle=u6nf
date
Thu, 24 Feb 2022 11:31:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ Frame AA8E 		0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame AA8E
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame AA8E 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB44
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDE0MTA3NzQ4MzA5NjUxODIz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDE0MTA3NzQ4MzA5NjUxODIz
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MDE0MTA3NzQ4MzA5NjUxODIz
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame AB44 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame AB44
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBHtrPAvf-ezjEDrc6tm6bo&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 24 Feb 2022 08:55:12 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug021:0:604
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 231E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBHtrPAvf-ezjEDrc6tm6bo&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2101496415489368585
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0225f992-746c-4db8-a0b1-fdced593cb28
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 24 Feb 2022 06:09:31 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug025:0:362
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
px.ads.linkedin.com/ Frame 231E
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=437014107748309651823&dbredirect=true&gdpr=1&consent=
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=437014107748309651823&dbredirect=true&gdpr=1&consent=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6EF1AD4BC6384936ACA110ADFC3A3A88 Ref B: FRAEDGE1414 Ref C: 2022-02-24T11:31:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYwe1rDyvwRZrweF7JHA==

Redirect headers

location
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=437014107748309651823&dbredirect=true&gdpr=1&consent=
date
Thu, 24 Feb 2022 11:31:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 231E 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ Frame 8573 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2421
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645702307.086517,VS0,VE0
date
Thu, 24 Feb 2022 11:31:47 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
6293
eid.js
cdn.taboola.com/scripts/ Frame 8573 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220224-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
8139
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4053-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645702307.086826,VS0,VE0
date
Thu, 24 Feb 2022 11:31:47 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
10
x-cache-hits
19258
/
pips.taboola.com/ Frame 8573 		64 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
bb85b132d27b1108689580228e1f8a131d0eb8877e5c11b28935155fb02a548f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:47 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6935-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 8573 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220&uad=876e045f2d3bc5aa07d93f39c30f45e3b6bc27102d919466a5f9f93a5a6502d0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 24 Feb 2022 11:31:47 GMT
Cache-Control
no-store
Server
nginx
Connection
close
pd
u.openx.net/w/1.0/ Frame F665 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 11:31:47 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame F665
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/437014107748309651823?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8PeCe6ZE2oSWHb4GLnu5g6xHmj_R0JD2Ir47XGPEhg--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8PeCe6ZE2oSWHb4GLnu5g6xHmj_R0JD2Ir47XGPEhg--~A&dongle=0883
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 24 Feb 2022 11:31:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8PeCe6ZE2oSWHb4GLnu5g6xHmj_R0JD2Ir47XGPEhg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ImgSync
image8.pubmatic.com/AdServer/ Frame F665 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Domain
partner.mediawallahscript.com
URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA&custom=&tag_format=img&tag_action=sync&custom=&cb=8b116f54-5e56-41dd-b34f-19b9f2c20160
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA&ct=3&cv=1
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-youkQ0b7n7KGx0Y8HQ6l1NnnqZ3WWpfAdyCRag
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MNEykEb7n7KGx0Y8HQ6l1NnnqZ1PshncfK8AFA
Domain
cw.addthis.com
URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-heRxTUb7n7KGx0Y8HQ6l1NnnqZ0SlM6RoXeCKw&expires=30
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/setuid?entity=52&code=k-xQyRJkb7n7KGx0Y8HQ6l1NnnqZ2pnOPJ1o10KA&seg=95287
Domain
ad.tpmn.co.kr
URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-BcbzCkb7n7KGx0Y8HQ6l1NnnqZ0_EUSOpo2kOQ
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-NZM4jkb7n7KGx0Y8HQ6l1NnnqZ2-1rOlRM4Eog
Domain
adgen.socdm.com
URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA
Domain
cs.adingo.jp
URL
https://cs.adingo.jp/sync/?from=criteo&id=k-CJvhtkb7n7KGx0Y8HQ6l1NnnqZ21le7y3Kf2_A
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-4hhAc0b7n7KGx0Y8HQ6l1NnnqZ1rBTC5GQwKzQ&dongle=013b
Domain
an.yandex.ru
URL
https://an.yandex.ru/mapuid/criteois/k-ae0dm0b7n7KGx0Y8HQ6l1NnnqZ37u81_rli65g
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Trmu2Eb7n7KGx0Y8HQ6l1NnnqZ044QCygTFg2A
Domain
sync.ad-stir.com
URL
https://sync.ad-stir.com/?symbol=CRITEO&uid=k-N1hsR0b7n7KGx0Y8HQ6l1NnnqZ1U2GlbES2cAA
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HZMga0b7n7KGx0Y8HQ6l1NnnqZ3Xm9-wGPHtIQ
Domain
adx.dable.io
URL
https://adx.dable.io/pixel?dsp_id=6&uid=k-wGRKZEb7n7KGx0Y8HQ6l1NnnqZ2G8JhO-myB6g
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-YMyS7Eb7n7KGx0Y8HQ6l1NnnqZ2kYZXBd_qezQ
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-9IJlXkb7n7KGx0Y8HQ6l1NnnqZ2AMNZKt1YPiQ&expires=30&user_group=5
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-JX8HREb7n7KGx0Y8HQ6l1NnnqZ0qT2mnNsiKVQ
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA
Domain
s333.adxpremium.services
URL
https://s333.adxpremium.services/graphql

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 function| structuredClone object| CloudflareApps string| GoogleAnalyticsObject function| ga object| _atrk_opts function| fbq function| _fbq object| _taboola object| teadsscript object| gjdmpInitializer object| gjdmp object| bisko object| googletag object| _wpemojiSettings undefined| $ function| jQuery function| previous function| next function| go_to_page function| previous_secondpag function| next_secondpag function| go_to_page_secondpag function| previous_search function| next_search function| go_to_page_search object| wp object| __CF$cv$params object| jQuery1124022466557777642082 number| windowWidth number| windowHeight object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| teads object| TWAGORAINARTICLE number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map function| atrk boolean| _atrk_fired string| reqCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| adUnits object| pbjs function| initAdserver function| pbjsChunk object| _pbjsGlobals object| Criteo string| google_user_agent_client_hint object| twemoji object| TRC object| _tblConsole undefined| msg object| __twttrll object| twttr object| __twttr object| _mgIntExchangeNews object| MarketGidInfC1002277 function| MarketGidCContextBlock1002277 function| MarketGidCMainBlock1002277 function| MarketGidCInternalExchangeBlock1002277 function| MarketGidCRejectBlock1002277 function| MarketGidCInternalExchangeLoggerBlock1002277 function| MarketGidCObserverBlock1002277 function| MarketGidCSendDimensionsBlock1002277 function| MarketGidCRtbBlock1002277 function| MarketGidCContentPreviewBlock1002277 function| MarketGidCResponsiveBlock1002277 boolean| mg_loaded_634059_1002277 object| MarketGidInfC1190148 function| MarketGidCContextBlock1190148 function| MarketGidCMainBlock1190148 function| MarketGidCInternalExchangeBlock1190148 function| MarketGidCRejectBlock1190148 function| MarketGidCInternalExchangeLoggerBlock1190148 function| MarketGidCObserverBlock1190148 function| MarketGidCSendDimensionsBlock1190148 function| MarketGidCRtbBlock1190148 function| MarketGidCContentPreviewBlock1190148 function| MarketGidCResponsiveBlock1190148 boolean| mg_loaded_634059_1190148 function| iFrameResize object| ProjectAgora number| max_priority function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| txt function| postscribe object| GoogleGcLKhOms object| onClickExcludes function| mgReject1002277 function| mgLoadAds1002277_16c7d function| MarketGidCReject1002277 function| MarketGidLoadGoods1002277_16c7d function| mgReject1214277 function| mgLoadAds1214277_16c7d function| MarketGidCReject1214277 function| MarketGidLoadGoods1214277_16c7d function| mgReject1190148 function| mgLoadAds1190148_1019a function| MarketGidCReject1190148 function| MarketGidLoadGoods1190148_1019a object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint634059 string| _mgPvid boolean| _mgPageView634059 function| PAv2 object| ADAGIO boolean| i.js.loaded boolean| i-noref.js.loaded function| projectAgoraPbjsChunk object| projectAgoraPbjs function| JSEncrypt string| nobidVersion object| nobid object| google_image_requests object| _ADAGIO number| taboola_view_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| criteo_syncframe_state object| Criteo_prebid_119 function| arrive function| unbindArrive function| leave function| unbindLeave

82 Cookies

Domain/Path Name / Value
.mrtnsvr.com/sync Name: userId
Value: QYBcbUqfp
.3lift.com/sync Name: sync
Value: CgoI5gEQ_7iB3PIvCgoIhwIQn7mB3PIvCgkIOhCXuIHc8i8KCgiMAhCquYHc8i8KCgieAhDNuIHc8i8KCQhfENC6gdzyLw==
www.gazetaexpress.com/ Name: uid
Value: M9JdEmIXbJ2LvZoHAwwXAg==
ads.gazetaexpress.com/ Name: OAGEO
Value: 2%7CDE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.mgid.com/ Name: __cf_bm
Value: KyvPyz4.M_3M7_JQ_KzH_odje6bJXuSSjTe3OYkFS30-1645702301-0-AaC/w3pvKJtZV+eiAg2huClrUMkrLQABHky24NSgNQSzHiMYKjsH25ave75TdkSkOsLr+3Wj43eILm1HJWS/vio=
.gazetaexpress.com/ Name: _ga
Value: GA1.2.771925142.1645702302
.gazetaexpress.com/ Name: _gid
Value: GA1.2.971087010.1645702302
.gazetaexpress.com/ Name: _gat
Value: 1
.gazetaexpress.com/ Name: __asc
Value: ff3f796a17f2b80496699881d3c
.gazetaexpress.com/ Name: __auc
Value: ff3f796a17f2b80496699881d3c
.gazetaexpress.com/ Name: _fbp
Value: fb.1.1645702302255.162441274
.facebook.com/ Name: fr
Value: 00wRdK29OPcMoOBbj..BiF2ye...1.0.BiF2ye.
.rubiconproject.com/ Name: khaos
Value: L00WNRAU-3-IEFM
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpqEA4W5I5lNyAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS2QIZ/w4ZobPwakCsIM/rTg4q9skiIvoyj79QniQXr/UHBx5r9vc1LNDyByN2tHx0Q==
.adnxs.com/ Name: uuid2
Value: 1070909527417005445
.gazetaexpress.com/ Name: __cf_bm
Value: NrepVQV.JppLuG3z0uPaFZoe4xvaviXNpkP4b5PMcRA-1645702302-0-AZ0Sk5RtsCnEZ+pL33AZP3viWYgnojEgv4NYXkXco2Su/JW/QDqvughymIMHsKreU2qI7mXVC7j4t5g0slBMFozpYwCHQbJmujKJWQhzPwV6M+d9Lez6gmF+/GuM+z0z3w==
.doubleclick.net/ Name: IDE
Value: AHWqTUnLDL_YfuXwZdvo2FkYqDZgsKqM2JMALTMJzXgrct3HmTo4vgGzlst9sPmpxjk
.gazetaexpress.com/ Name: __gads
Value: ID=e1f617bb7cf23a07:T=1645702302:S=ALNI_MZMszbWUS7ljz4SvTihXwokBroY1A
ads.gazetaexpress.com/ Name: OAID
Value: 01000111010001000101000001010010
.serv431.com/ Name: UUID
Value: 2b3bbc85-1c57-5a65-89af-5c88b88e4c8a
.criteo.com/ Name: uid
Value: 165f86e1-b64f-4c14-8467-b82751a60921
.gjirafa.com/ Name: __gjci
Value: 8a4114f40e134f60a9a6fa0f39bae358
.gjirafa.com/ Name: __gjbi
Value: 1950c02e131b4436b838d153c949ec34
bisko.gjirafa.com/ Name: __session
Value: a94f2ae8d66e41b5993eb11608419ba8
m.exactag.com/ Name: exactag_new_gk
Value: 8abf290fa37f4693a518728130307e0f%7c25.04.2022+11%3a31%3a42
m.exactag.com/ Name: exactag_new_uk
Value: 160040af7bc347b0b7824123c810e630%7c
m.exactag.com/ Name: session_session
Value: 18a7dc4e620443249eafa3e1
.mathtag.com/ Name: uuid
Value: 022a6217-6c9e-4700-8eb1-e8bab3e6aaa8
.serv431.com/ Name: ucv
Value: 1460-DE-1645788703049-24--573-DE-1645788702893-24--
.yahoo.com/ Name: A3
Value: d=AQABBJ9sF2ICEAUeUFS3_Omyc3kow8UWRDYFEgEBAQG-GGIhYgAAAAAA_eMAAA&S=AQAAAjHuzv3iGp64qYeSm7diPFE
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GU)j-dtT!]tbPl@/D!9hy6]/Cv[%^ZS=Q76=Z5lyXR_.Sa.Shs-8f32)Pdg/CL28N^KwmuF3s?13GNb.elF*bpRz*qF1`*ba-++?8(o
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~23ez
.tapad.com/ Name: TapAd_TS
Value: 1645702303207
.tapad.com/ Name: TapAd_DID
Value: 61099a53-3f68-4005-82f9-a2755b66630e
.3lift.com/ Name: tluid
Value: 437014107748309651823
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&044e4f77-a3f1-4699-8fb0-55a5ee4d3470"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDU3MDIzMDM7MjswMjFI8T6y6TPIfR/xEBqc2sflRFmJ3OeiaKWcGy/kT57tdQ==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2718:u=1:x=1:i=1645702303:t=1645788703:v=2:sig=AQGwLNjxl6ikbFpDUlHCEveivgZpNJyz"
.media.net/ Name: visitor-id
Value: 2887039038886083000V10
.media.net/ Name: data-c-ts
Value: 1645702303
.media.net/ Name: data-c
Value: k-Trmu2Eb7n7KGx0Y8HQ6l1NnnqZ044QCygTFg2A~~3
.addthis.com/ Name: ouid
Value: 62176c9f0001389f3e181047218778cd662a8189316331eacbed
.addthis.com/ Name: uid
Value: 62176c9f0465c571
.addthis.com/ Name: na_id
Value: 2022022411314328400493401931
.mgid.com/ Name: muidn
Value: m1oHuTWeq3v3
.yandex.ru/ Name: yuidss
Value: 7075603231645702303
.yandex.ru/ Name: yandexuid
Value: 7075603231645702303
.bidswitch.net/ Name: tuuid
Value: 5b2a1f50-8d55-4e3c-9052-b6f8e8823b30
.bidswitch.net/ Name: c
Value: 1645702303
.bidswitch.net/ Name: tuuid_lu
Value: 1645702303
.casalemedia.com/ Name: CMID
Value: Yhdsn0BwMvbU0Ybjtp-H3QAA
.casalemedia.com/ Name: CMPS
Value: 5204
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.tpmn.co.kr/ Name: uuid
Value: 6d42bb296b2e4327beddeb7206a54564
.tpmn.co.kr/ Name: criteo
Value: k-BcbzCkb7n7KGx0Y8HQ6l1NnnqZ0_EUSOpo2kOQ
.outbrain.com/ Name: obuid
Value: 40d82703-fd07-451f-8e59-03838f7f3ff4
.outbrain.com/ Name: criteo
Value: k-MNEykEb7n7KGx0Y8HQ6l1NnnqZ1PshncfK8AFA
www.gazetaexpress.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1002277%22%3A%7B%22page%22%3A1%2C%22time%22%3A1645702303538%7D%2C%22C1190148%22%3A%7B%22page%22%3A1%2C%22time%22%3A1645702303530%7D%7D
.revcontent.com/ Name: __ID
Value: 8bdcd6d120d7445d83c7c0b0a57ef5bf
.revcontent.com/ Name: v1_151
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA&KRTB&23286-uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA&KRTB&23287-uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA&KRTB&23288-uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA
.pubmatic.com/ Name: PUBMDCID
Value: 1
.adtdp.com/ Name: uid
Value: 0729c810-d4ff-42e3-b585-d489bf8ef1aa
.adtdp.com/ Name: pr
Value: aja
.adnxs.com/ Name: icu
Value: ChgI7PpYEAoYASABKAEwntndkAY4AUABSAEKGAiFy14QChgBIAEoATCf2d2QBjgBQAFIARCf2d2QBhgB
.dable.io/ Name: uid
Value: 18707000.1645702304045
www.gazetaexpress.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D81560c7a-bbdb-4635-a059-62f19be36e2e-tuct910f220
.gazetaexpress.com/ Name: cto_bundle
Value: 8g9MKF9IRFo1VE1BQnklMkJIcE1RajJkUVA4NlUyeG02VW1oamlZWWQlMkZhV0NEcTFKZFh6R1BKTlJ2RWhGc0FnZ0hLZGJWallLZE0xdUQ0T24wa2M2UDVDdnpYbHpGUiUyRmZ2UXFFaERybEpDcyUyRldFJTJCMThIcDA0dWF0Y1l3dlJYR1FITll2c0JMMlZkRUxMWm5uUmFTaWRCNXgxTHlnJTNEJTNE
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 15864712-B46E-4ADF-8900-4F69C7F669D4
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBHtrPAvf-ezjEDrc6tm6bo&KRTB&16514-CAESEBHtrPAvf-ezjEDrc6tm6bo&KRTB&23025-CAESEBHtrPAvf-ezjEDrc6tm6bo
.simpli.fi/ Name: suid
Value: 676F585D40C648B89691288FCAE50123
.pubmatic.com/ Name: pi
Value: 0:3
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2101496415489368585
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2101496415489368585&KRTB&23263-2101496415489368585
.pubmatic.com/ Name: SyncRTB3
Value: 1646870400%3A13_56_54_220_21
.adsrvr.org/ Name: TDID
Value: 0225f992-746c-4db8-a0b1-fdced593cb28
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiwztrm6OS7OhAFGAUgASgCMgsIprjGk__kuzoQBTgB
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0225f992-746c-4db8-a0b1-fdced593cb28&KRTB&22918-0225f992-746c-4db8-a0b1-fdced593cb28&KRTB&23031-0225f992-746c-4db8-a0b1-fdced593cb28
.pubmatic.com/ Name: PugT
Value: 1645682971
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8

31 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1645702302&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FKLITSCHKO-PARAQITET-NGA-UKRAINA-NE-JEMI-NE-LUFTE-DHE-LUFTOJME-PER-VENDIN-TONE%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645702302042&bpp=3&bdt=515&idt=243&shv=r20220221&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1524244190953&frm=20&pv=2&ga_vid=771925142.1645702302&ga_sid=1645702302&ga_hid=1280571150&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065255%2C31063246%2C44756895%2C44756896&oid=2&pvsid=3415778849521025&pem=902&tmod=2035453144&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-heRxTUb7n7KGx0Y8HQ6l1NnnqZ0SlM6RoXeCKw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA&ct=3&cv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://secure.adnxs.com/setuid?entity=52&code=k-xQyRJkb7n7KGx0Y8HQ6l1NnnqZ2pnOPJ1o10KA&seg=95287
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-youkQ0b7n7KGx0Y8HQ6l1NnnqZ3WWpfAdyCRag
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-4hhAc0b7n7KGx0Y8HQ6l1NnnqZ1rBTC5GQwKzQ&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA&custom=&tag_format=img&tag_action=sync&custom=&cb=8b116f54-5e56-41dd-b34f-19b9f2c20160
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Trmu2Eb7n7KGx0Y8HQ6l1NnnqZ044QCygTFg2A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-XHMnTkb7n7KGx0Y8HQ6l1NnnqZ0ORWtCUwF1nA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://an.yandex.ru/mapuid/criteois/k-ae0dm0b7n7KGx0Y8HQ6l1NnnqZ37u81_rli65g
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-YMyS7Eb7n7KGx0Y8HQ6l1NnnqZ2kYZXBd_qezQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-9IJlXkb7n7KGx0Y8HQ6l1NnnqZ2AMNZKt1YPiQ&expires=30&user_group=5
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HZMga0b7n7KGx0Y8HQ6l1NnnqZ3Xm9-wGPHtIQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-BcbzCkb7n7KGx0Y8HQ6l1NnnqZ0_EUSOpo2kOQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MNEykEb7n7KGx0Y8HQ6l1NnnqZ1PshncfK8AFA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-JX8HREb7n7KGx0Y8HQ6l1NnnqZ0qT2mnNsiKVQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-3Wiz50b7n7KGx0Y8HQ6l1NnnqZ3oU-l7o7JsCA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://cs.adingo.jp/sync/?from=criteo&id=k-CJvhtkb7n7KGx0Y8HQ6l1NnnqZ21le7y3Kf2_A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-NZM4jkb7n7KGx0Y8HQ6l1NnnqZ2-1rOlRM4Eog
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-wGRKZEb7n7KGx0Y8HQ6l1NnnqZ2G8JhO-myB6g
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.ad-stir.com/?symbol=CRITEO&uid=k-N1hsR0b7n7KGx0Y8HQ6l1NnnqZ1U2GlbES2cAA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=QYBcbUqfp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.as.amanad.adtdp.com
ad.mrtnsvr.com
ad.tpmn.co.kr
adgen.socdm.com
ads.eu.criteo.com
ads.gazetaexpress.com
ads.projectagoraservices.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
adx.dable.io
adxbid.info
aghtag.tech
agorahtag.tech
am-trc-events.taboola.com
an.yandex.ru
ap.lijit.com
b6d2dc3f1cafc5805f52178ed75c3300.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
bidder.criteo.com
biddr.brealtime.com
bisko.gjirafa.com
bit.ly
c.mgid.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.projectagora-adtag-library.com
cdn.syndication.twimg.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
contextual.media.net
cs.adingo.jp
csm.eu.criteo.net
cw.addthis.com
d31qbv1cthcecs.cloudfront.net
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gjstatic.blob.core.windows.net
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image8.pubmatic.com
images.taboola.com
jsc.mgid.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.mediawallahscript.com
pbs.twimg.com
pips.taboola.com
pix.eu.criteo.net
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagoralibs.com
px.ads.linkedin.com
r.casalemedia.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s-img.mgid.com
s.ad.smaato.net
s0.2mdn.net
s333.adxpremium.services
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
serv431.com
servicer.mgid.com
simage2.pubmatic.com
sp.analytics.yahoo.com
static.criteo.net
stats.g.doubleclick.net
sync.ad-stir.com
sync.mathtag.com
sync.outbrain.com
syndication.twitter.com
t.teads.tv
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
tsdtocl.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
video.twimg.com
widget.nl.eu.criteo.com
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
ad.tpmn.co.kr
adgen.socdm.com
ads.yahoo.com
adx.dable.io
an.yandex.ru
contextual.media.net
cs.adingo.jp
cw.addthis.com
eb2.3lift.com
gum.criteo.com
idsync.rlcdn.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.tapad.com
r.casalemedia.com
s.ad.smaato.net
s333.adxpremium.services
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sync.ad-stir.com
sync.outbrain.com
tg.socdm.com
trends.revcontent.com
ups.analytics.yahoo.com
x.bidswitch.net
104.107.161.75
104.17.120.107
104.19.134.78
104.19.135.78
104.244.42.72
104.26.1.156
104.36.113.107
13.32.99.46
141.226.224.32
141.226.228.48
142.250.181.226
142.250.186.98
151.101.1.44
151.101.194.133
152.228.222.122
159.122.14.34
172.64.201.10
178.250.0.139
178.250.2.131
178.250.2.146
178.250.2.148
178.250.2.150
178.250.2.151
18.196.230.57
18.66.248.38
18.66.97.115
185.184.8.65
185.29.132.245
185.64.189.112
185.64.190.79
185.86.139.95
2.18.232.7
208.88.224.28
213.202.235.8
23.0.33.234
23.0.42.150
2602:803:c003:200::41
2602:803:c003:200::67
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:1ab3:789:1032:20e3:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4bf1
2606:4700:3030::6815:1b4
2606:4700:3032::6815:4ae4
2606:4700:3036::6815:4f16
2606:4700::6810:125e
2606:4700::6810:5714
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c0b::9c
2a02:2638:1::11
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:5f80:a::b212:e78a
2a03:5f80:a::b212:e7a8
2a04:4e42::300
2a05:d018:d29:3601:767c:59f3:46b6:92b0
2a06:98c1:3121::7
3.124.87.92
34.102.163.6
34.211.16.202
34.248.172.222
34.98.64.218
35.244.174.68
35.71.131.137
37.157.4.24
37.252.172.123
52.239.139.164
67.199.248.11
69.173.144.138
69.173.144.165
72.251.249.9
76.223.111.18
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b
08adeb4cf2a726c42cf7bd95f37b443c13d4d676779ad3f7899f3addc3c06756
08b562cee19c4ff0e74eeb29a0b4f4013644c02f0cbc6ebf9f22a434cd527807
08dd531db8897c9e7039eb2c1e5306d756ca8403f14a84c02724e2086455289c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf
0b03ca894c649ccec6bde622887983b0231936d740b46cf9a4e0919eecca75b8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e0acc73e788587d1ad30fe3a71bbc02dbaff6681c2d6499540094e6b6506867
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600
0eb0596921de03eb531b79eeca369e592c06f9cdfdde04f6312a0a797c2e31ae
10aa0040da3ba5db50a4c9ebb145637ec36c70cbb43bb4f340dc29cebd2c3db4
10bd74a09492dc854fdc2bd3a3b5d595630d7d0351321a7c46f79727a334a8e9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
141ecbcb8011fd85efcdc3de40d116e194edc47226fdc9d6ff5d90b2a2756840
14200d8b2f52ae739fb302c4be4c8f5677792594fc7adf5ed13f9c2208b9f04b
152b0d18ddfc0ece028e5a5bfec6a87bc84f09c22424cd4e416a70939b04b914
15d1ae441e2e1dc89be7c2917f81a596d4da5dac3683df966ab204eb8e3851a4
16677b42606069de46f312ab187c8e2667365d69f45bb7a9a8611e46406719d5
17e52ef4f8d793e26ef6578dc8cba66ccae0f18f0ee19a5157587bc2f161159f
189bbf954aa1e1351dce2d5f01b70f79bc193f9737af3d6d950d0ce64c60dd27
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1a453f6aac4f037d390acfc4fa3c8b1968f45fd9c69112e2abb5cec9976905d9
1aa448019d230f01c449bf48961dbeb04c3d5b4bb130d4fe2501f9a646cc06e7
1ae7ac463e28311689703ffa2ff93c88836fb7807fbb7b980595c4d6cd295fc5
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6
1df83eb9624e35368aa45d450aee4971a08d43322dfb94eb368547a7b379f977
1ed7d434cc3f89a09a5fb5385a44b646a302cc0e7f4a09f84f55dfeb14d1f100
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
24c0addaec6b9472ff5c995941929d404480f5963d77125842e61cc995e951d9
24cf897961fe121e20c0bc30c494caa28660da505956033b29b3bf9a3ea6081a
24fb3efecb78851a3fb790167b9b27bcf91c961e4b37de95cd18c9f447aadc6e
25176cd5a6ed4e76568c9be2d0b1115e64de7d476efde2b073f9c0d84232686a
2522cd8838af03dd97ab2b307c3400ccf108b481db1dc364d794660037b86b88
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a29271ba8db78326256fef88284da60529ea622cf2bcbb584f45b786301a45
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
28e95c0c629214fd64fe7c628cc37357d903aa65fb950d35d2e43d9c07e10e3e
293e679d544ce9ffebdbfa88bbcbc6d03a303d256ec52bcfc323e1174a1f5685
2979db064db5a84115be4dd5e2228314616e8ded158e463fd808efe07592ea01
2ace54d6ff26823d90a673bd982f0e9ee1dd338c9742b90722f5d8d2b405b1b5
2b314da9158594470402a727c0a8c5cccdf8298eed6697fb59bba7c03a8168f6
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2cff11baac58b00d9614d94aff497aaddcdab8f2dcfbce8c43e09d87a128c56b
2e43c0507c2b3f247c1748237b1e7db8ba86d0c8c128b66180591409031f5532
2f3d109d28386b355c2fc8fb0d341e84324ef555552d414eab113b376cbd8f6d
2f8ea8c10216a9a78eef90d00132a5164eb489cfee86b08ebf461819f376469f
300cd1767d24de9e5b74fb1869daef024ad8d005d40d6d5c892deabb53e72d1c
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3344431c331667c10981464ebd7821eb3b3f9dbd9b0b6df703a6a2f06bdf277d
3372b610f4a56022cfb6a33c5c497fb832d4fb48ec77301a3d6251028b4b15fe
34e344bb779a162b9ae130839294ff618a10b9699d69ef4d1853b3f691e7e827
353d264758108024a6d220f2be1f80cf6b69b7cc767ce842b5840869df48659d
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45
366623e43cfee4bf0d50bedc9a2af705c1d12da4a03689b4995cade024ea7cf2
3711a93caeaa494d7ed37c044fb9121f596628f38c0bd77134d5a62a43873839
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9
38a80cdfb60f0a202ee73fb90362ac06d0afe951c322c7fcc7793a7366056c70
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76
3e8e771386dfe8e7be09c55de000873c402a6839263ef0d5c783f6adff69445f
3ee01bd79e58c77dc4276a96fa5dcbe396c024538353c216894c5d6abcf2b6e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4068a76d3988c0148f9e9241147f2555a4447dfa73455679c7f82709d3e1e236
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0
439c15719fd95c4f95dafb40d8d669534bb8a04429ec570d6f7e0ac73e727627
43a68a4369e2d43844b5a1af07a6be64320cd9852f9e3798db23d92618580a59
44f443dfaee7f8cc3ce88745cbb4789e2193536d6716aed93c65e5ae3b2208c7
45f3d2831324a589daca35026a3e739d83f35b90da5d0b4366de433e8fcc14c8
46bd65df4f409fb2e7308c958be9e21ef67a5a8a253a65b1ea0da54f13c8523c
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ad6abf38a888134b6470fbab8aaedd5dee0b43ad7e4660fa3fbf35fd46371a3
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef36d3e34b930ad3353f5ef5da59ff015b1954c2091c0f84b3f2e178f093ace
4f57b5d5c7aa69840ccb450840ac352a4ffe64ffcc64a8c11f5068e9551e5336
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84
50b8777f3fd1e8bc8c8d5b7219c5a3b767c48544a8ed5fa02b073ee6e207eb5d
50f11cdba975c6542277e76edf03f8dfbc9e554979782e16488e9be2b333fc30
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86
538cb104157f6987b890d1f4701a3bbb121b23fb1ac1d05e5698ee8f1cacd6db
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
58d5dd78af31fedc394fc1576004d11f96384907eaffd5260382daeefe8dccb3
595b17ebf33e54cf1b184bd58a2c709c5b52a1903b85d6ad889d0e4753d677ed
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5cf9940d5d9eee752c5b9ea23c20a72dd6c7f9f423f86ce27bc32622be5db28e
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f
60c01ff4faf3b83a7fff38b5d554ca9baf2af29f11dbbff8ed978442c08a3150
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629bf5faeee4dbd13b4231131eb04a7319ef8ea4eaf72e3e7d5f94655364f6db
63603c3f2e54d2a51671554bcdc6a2bc4bfbb2667bd07177cdb00ef708addb29
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9
658897a0574f6f8cd5fb48ed698175ed1b5af613b7467b449d747dec7d353efa
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5
661f07b362b89620cf5f7f4155b007439568f5ed71e2025a12fd670522aa93aa
67f1b35596c2e0249761ceb4bba91f5ca25c459582eca2b44dbbc13ebdd72377
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901
6ce0ae3754107d66ad7dee13768fc169f4c63cce988aed318ea01250be05c1ff
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee
6daa4a65038604611b78934d09233eaf8029d4e440324ef03bbc33de2e106d20
6db618fe9b91c2b6325eb396fe9f000c46e5e0c1c71bde62c37e374261b13d80
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb
6e98296a5dc52aee5192809c98438b50e4020766536d0428194f8f14d390d203
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97
7162f604bb0a4906fc12f7359a0c94a78c782293149d0da1807239d992572fa8
71c6f3e864d451643c25a29975e188b2431d080c7ea2c99b1bbade1b42c67f00
721aa07f7ab479d6074200d71c3533dbc117499fdfa8f5a455096df58ce482f5
7234154a31ead4d0cb049ce3f167a43cec6cbcea8df1c6563c364df8355b2a2d
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73502f3c1e90ecb7345cff427ae2cde461c83726fbb44f11148334af4ddce0eb
738fe0e71d37d6599ad5e289e43714c6e9b57231321be9f4e800727c73bb4850
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7522df791a4f3a4eaa6634d47b6e2401a10f3554a8b38172fb2bae898f0ab709
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22
761b68791cfd91bce8a3cbc8be738d36e8b45d1664e14bc820f5265ac4cf8e7d
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
77e890504e6d97cf4ed17da6e364f8224b99892d718a958295d93072bfeace6f
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7be08b5eecf7522462a34d509a481ef77c8a065fc4419e73678c9aade7870e52
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fc55b7598d5e8f09fbdbe80a70d302fabebeb4b39975d8f016fb2ce89cd8421
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
8255d2b282e35c86eb8e27322381996db6fe6cf040c316c0ed05976dfabf48a2
82cc1ddf2e85c5cc94d1573cc0f0496cb79830d7c79a9c72a156038dc9f5d4c7
82ec901c333b7304537b957771b3cc612e50849887caed431db9917d89adf58c
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8308aa6b500482fff13a0aff99870a4f3e8f01d3a19a6c4c17a78e251c949208
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841de2a6537c740d626eb1bf53fbdde1fa8e1a3f1c8542203d9d098b502b16e3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e
8590ee2871189fe2bdb44d32ceb04e73194eac8d2785113c8a87c79bcec64f3e
86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232
86653213001a360e63f3fb0fbe7294299009c9d7d9bafe0f4745a1b742082187
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595
8714b2bd3f49c7a07bd1b684237573c6c87882c11f4c23ab2169f775344ebe46
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cc944ab48bfe65fba34b72bca00df781e01d86cc03d7b198cdb05749c6f6979
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1bbb342326aea4149633fbe8bdab90e946a98bafa2bcadd465171f80097f2c
8e700bddd1405ed9feb6cca2523254b13b0bc2191f0728170099746792e7caa8
8ea598da9992b36a0542e349335c19953d655652706ede13b7c411a95f7119dc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f584b8a0ae2d6937d68844965067259472504a23c30e3ea5c5e6057bb262cdc
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90be87f0c2e557bd2a8773a879553fb3c4c983f88205dbc3be6b150a20e93c43
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92ed2e922db059b0d3d085a487e26de00b36f9548fea39ce8faadd41e46c3056
95da1d77c8bc2b4b9e0ee65e65839200f28ecbdfe3aad3142094712aa10c1800
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97ed3ad479d680ecffc4ec8911b557d0ebdc081f79530a2a0fdc588dd62e69cb
9800465cae64bdf8617aaca614fe37e565cf5b9e577daedd111816175e406b04
98be9d338e21ab85e0d5ad625b1da367f9efb0a256d75779bf28969325d50d14
99c5dbef143c928cfa20dbc8a697454ca9f41b172b5b4eab5b804fcf69db2a53
9c39e1caee8b43229341015f206fcb45e6701c004cea3d9fca2057a73bcca526
9c7651b3d477074df4414cef97004a0ab813859f927973d7af0cfde7c7f9c7e2
9cbb9be7acdac8ad96d8419b8eb4e7120b05295a42d3c50919370d1fc83547dc
9db6713aabf5639680dbcd527b19a7f181ea6144a2aee236d13f6f042a902a3a
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534
9f91b099723622b7d7c6676488db096b87d6e47e44e2498bdf3701fd8d7220f5
a0306b0fea0e167153e37ec9470200d3394d48cc8870250e772061ad4c1046b4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c5b3ae01230c0326a96dd7ba2d4acbad88cd2f07cc7e27e89e184e0766952f
a20bb5092336278e59ee95251bba92f80fa3baef5505ec920c8f8ba9a6cc6fab
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8beac6e279b2f8a64b52b96208fa3b6b1baeea4aba4628f029f148a1f2a190c
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3977d16a403fd126d28ef1ea650bd005364a8e139e261ef6c474f56060a4e8
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad8dc1681c0451d8590af4d2d08b7b16e4f6edf197f805929d6a85a2be1b622c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18983695372f4a79f7f99b514ffefaf9ff8f1bc359bc8ce59ee024638145c68
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46
b2f31f99ca9ab4f3bc27bc4e679b72b32f764b362ade3735d54dabc4ff23ee7e
b3ede5c007b843287b8ffd0c398af54969710362e87a04e571f5e140ef2a35ee
b662abc2f7db1bd3fba0173f6d3975cb4e5a6b5aabffbab8d3f9a6c5980ec9cc
b74535a57fbaa47fc095e0b785720e29a86d8a141fc92d3792047d5b00bf787d
b7d6e283a90f81d61aaa66d7a826864c7776c87b3fb564a5e851b92cc42dead1
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
ba512ef98db602354169f125072cf47551a223e30bdbd79d4970c3e30ca7f3e5
ba5f27b98341971dc9c7e67ebac8cd95bdbd8b9c6de041d36a639a8d21db1fd1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb85b132d27b1108689580228e1f8a131d0eb8877e5c11b28935155fb02a548f
bc221011508d751dfc26dc97f698ccfa9a6a7dcc94c9cccccbdf5507116e395f
bc329dc2bce8e046cea95a8541cf350bc1f1ae5601dda209aa046c50819df254
bd150d3628b16bb74bd0eaa4e819d6c3d440bd98be45997c1c91cae8db281265
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568
bee6ca6e6d56595d4ffacbab7e8f7b3635d670fa63a420f4bc8e587a5717a891
c31b2375744708f38933b2cb26263a36bb9c254ba30d3d669953136ffd70dbe5
c5a10a8cd332ed495f1f3a77ab3857dd030a1bd22b6e22921f9bff29fc065737
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c781010a43dffcd6f894dd3d1f5103c589dab3112917a2fddce968f12ca4e1e3
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ccde4f785379225dc4d399f13037ed74a32a60b8c01bb99d76a4016903339fe5
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0378e0c98497eb95d670cdab0984a5444b5d00f6f2d9fbc389e271ab1ca3e36
d11b010cedf3a5ff81a1cf7a79b50f6606ac6eddb6f9047bedb421e033b6c602
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3
d1f70c2a686b0c164caa13d208f8d02330a9a97d55a6c4dd037f81fb73c08a63
d3735048fdad2d18bf8bcc8c5c795dfd027d5d5123d548fd93514c9baf790cbd
d3ae011ac3adc48e8c02bb9d79eec321b0cfaad5509fb2251a60ff46fc7b1a13
d47db5dc03dbeebb22d6d20aea28f3470cf7c57eac779edfd8fbf958f75672d9
d6045966d65c172b7ae03892afff4a83a922ef3fe27dedec338922069be988d9
d765352f4b8ad1f4cac3f0c34d746a2ce01c1f5279106c6ff34cc32d59509a79
d873bcfb9d4a6d58032ada85ff9699031f549fd06032a461e6fa0f74998d9620
d8cbdf52d0cf238583186e8f86e472ad6e71e367d7aff73a653b50b02c01879a
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
da27efdd8f79b8ae18b91e1a0e522b138b20b3632bb9c9c77e20adbc4a9713e2
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70
dcb0ba76d03300d7391a9ee2c885a39110e632e77fa3aa810620d577a0934fc1
dd5668f6c5c90d949387fa704040523612385d3e3782d4e9e4dd6b2134fdd52b
ded2c002d549e7864b09e18b0663c4db8c1306fa7476fa4acee0f657db685a87
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e2ad654100a53dd460b3678917944d74b9d458681c185d1d183b7c690369ee27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df45ab6279fb77347df39b0ea3f2f088acb1754dd4f17e988733f1abd6d5c9
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e5617f1b656841f411c17fc96806b5bbc9bc925a9eb68e6bc95a4212e898ba34
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e7469447d6e682a6a60cf92157d09269db2d639b2caa477ae0b2efbceb475637
e7f586d44fb5fde7cbde66bc458d5be1ed0b98663b9693da824f68dd5bbbb540
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea0414a93716ed509a1e28d7f550372205a064865dcd242649f3fd042b4bcbcc
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ea8bae5fa4f9b020e743eabf735ea410c1088898c85ae11cb98cb8620f21f06c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1
f9cbd46aae660a6113b8565bb2e013e0b7cf7be640933f11b72ab6e9dc0412af
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
facda30c07fffae1ead04152922e1b65421e79bec6e2dfa54d21ad3b0ace9e58
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821
fc7cfc40409949876b0ddd37a47a6b01cf9b0747ea3c607214900e65b5da2085
fcc16bf1238724eedd1638bf0937b691bb01d08e585ac5e1db274acb47147c5e
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32
fee2e92a439fcf714de516125d7392bd21880a9b7b558f92e578267cc7b5518a
fef7c3eed906d6262687bdd1a5cd8f08c88b80368b5368bd6af84b0f694a2396