urlscan.io logo urlscan.io
SecurityTrails logo

www.gazetaexpress.com Open in urlscan Pro
104.28.0.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gazetaexpress.com/
Effective URL: https://www.gazetaexpress.com/
Submission: On December 15 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 12 countries across 66 domains to perform 631 HTTP transactions. The main IP is 104.28.0.182, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.gazetaexpress.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 9th 2019. Valid for: 6 months.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.28.1.182 13335 (CLOUDFLAR...)
110 104.28.0.182 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
1 13.79.176.48 8075 (MICROSOFT...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a03:2880:f01... 32934 (FACEBOOK)
29 208.88.224.28 40824 (WZCOM-US)
1 9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
25 172.217.16.130 15169 (GOOGLE)
1 13.35.253.113 16509 (AMAZON-02)
5 6 185.184.8.30 204995 (RTB-HOUSE...)
7 185.64.189.112 62713 (AS-PUBMATIC)
1 23.210.249.164 16625 (AKAMAI-AS)
15 185.33.223.208 29990 (ASN-APPNEXUS)
1 18.196.104.43 16509 (AMAZON-02)
7 178.250.0.165 44788 (ASN-CRITE...)
1 216.52.2.30 29791 (VOXEL-DOT...)
13 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.26.0.156 13335 (CLOUDFLAR...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 143.204.214.3 16509 (AMAZON-02)
7 2a03:2880:f11... 32934 (FACEBOOK)
1 91.228.74.184 27281 (QUANTCAST)
1 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
3 52.59.131.208 16509 (AMAZON-02)
1 216.58.205.230 15169 (GOOGLE)
1 35.157.160.140 16509 (AMAZON-02)
3 23.210.248.12 16625 (AKAMAI-AS)
4 17 104.74.100.205 16625 (AKAMAI-AS)
2 18.194.103.60 16509 (AMAZON-02)
6 34.96.108.236 15169 (GOOGLE)
6 2606:4700:e0:... 13335 (CLOUDFLAR...)
10 20 34.95.120.147 15169 (GOOGLE)
6 37.157.6.253 198622 (ADFORM)
3 2a03:2880:f01... 32934 (FACEBOOK)
6 185.86.139.96 201081 (SMARTADSE...)
4 2606:4700:e0:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
7 178.250.2.130 44788 (ASN-CRITE...)
9 2600:9000:205... 16509 (AMAZON-02)
32 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
33 2600:9000:214... 16509 (AMAZON-02)
6 143.204.213.153 16509 (AMAZON-02)
6 104.16.68.69 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 23.111.9.35 33438 (HIGHWINDS2)
7 2a00:1450:400... 15169 (GOOGLE)
46 151.101.14.2 54113 (FASTLY)
20 55 151.101.13.44 54113 (FASTLY)
7 7 18.185.163.33 16509 (AMAZON-02)
4 69.173.144.165 26667 (RUBICONPR...)
4 4 40.113.136.100 8075 (MICROSOFT...)
7 7 185.29.135.42 30419 (MEDIAMATH...)
20 151.101.114.49 54113 (FASTLY)
4 4 151.101.112.166 54113 (FASTLY)
14 14 216.58.205.226 15169 (GOOGLE)
6 8 52.49.118.177 16509 (AMAZON-02)
4 4 34.216.239.76 16509 (AMAZON-02)
4 192.132.33.46 18568 (BIDTELLECT)
6 141.226.224.32 200478 (TABOOLA-AS)
9 9 35.157.107.235 16509 (AMAZON-02)
1 1 35.210.239.72 19527 (GOOGLE-2)
2 2 136.243.75.32 24940 (HETZNER-AS)
3 7 52.18.172.27 16509 (AMAZON-02)
4 23.5.109.152 16625 (AKAMAI-AS)
4 4 35.176.88.2 16509 (AMAZON-02)
2 6 3.224.181.188 14618 (AMAZON-AES)
4 6 34.253.243.224 16509 (AMAZON-02)
3 5 35.190.72.21 15169 (GOOGLE)
7 7 147.75.102.200 54825 (PACKET)
4 185.59.220.29 60068 (CDN77)
1 1 185.31.128.129 54312 (ROCKETFUEL)
1 1 37.18.16.16 205675 (HYBRID-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
631 70
1    104.28.1.182 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gazetaexpress.com
110    104.28.0.182 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.gazetaexpress.com
21    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.com
1    13.79.176.48 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
gjstatic.blob.core.windows.net
1    2606:4700:30::6818:7faa (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
adxbid.info
2    2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2606:4700:30::681b:accd (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
twpasol.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
7    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
29    208.88.224.28 (Fort Lauderdale, United States)

ASN40824 (WZCOM-US - WZ Communications Inc., US)
aj1431.online
9    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
25    172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.35.253.113 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-113.fra6.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
6    185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
ams.creativecdn.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
1    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
15    185.33.223.208 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
7    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)
ap.lijit.com
13    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    104.26.0.156 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
video.gjirafa.com
2    2606:4700:30::6818:6d7c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
projectagoralibs.com
1    143.204.214.3 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-3.fra53.r.cloudfront.net
certify.alexametrics.com
7    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    91.228.74.184 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    2600:9000:2057:7000:17:5578:e080:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d2zv5rkii46miq.cloudfront.net
1    2600:9000:2057:5a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
3    52.59.131.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-131-208.eu-central-1.compute.amazonaws.com
message909.gazetaexpress.com
1    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net
ad.doubleclick.net
1    35.157.160.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-160-140.eu-central-1.compute.amazonaws.com
www.summerhamster.com
3    23.210.248.12 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-12.deploy.static.akamaitechnologies.com
sync.teads.tv
t.teads.tv
17    104.74.100.205 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-74-100-205.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    18.194.103.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-103-60.eu-central-1.compute.amazonaws.com
sourcepoint.mgr.consensu.org
6    34.96.108.236 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 236.108.96.34.bc.googleusercontent.com
ads.projectagoraservices.com
6    2606:4700:e0::ac40:6c13 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
projectagora.net
20    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
projectagora-d.openx.net
eu-u.openx.net
us-u.openx.net
6    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
3    2a03:2880:f01c:20e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
an.facebook.com
6    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    2606:4700:e0::ac40:6b11 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
s2.adxpremium.services
10    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
7    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
9    2600:9000:2057:5e00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d3lcz8vpax4lo2.cloudfront.net
32    2606:4700:10::6814:180b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
geoip.insticator.com
event.insticator.com
cms.insticator.com
4    2606:4700:10::6814:190b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
b2c.insticator.com
33    2600:9000:214f:5a00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
df80k0z3fi8zg.cloudfront.net
6    143.204.213.153 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-213-153.fra53.r.cloudfront.net
c.amazon-adsystem.com
6    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
3    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
7    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
46    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
images.taboola.com
55    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
trc.taboola.com
7    18.185.163.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-163-33.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
4    40.113.136.100 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
px.powerlinks.com
7    185.29.135.42 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
sync.mathtag.com
20    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
match.taboola.com
4    151.101.112.166 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
14    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
cm.g.doubleclick.net
8    52.49.118.177 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-118-177.eu-west-1.compute.amazonaws.com
match.adsrvr.org
4    34.216.239.76 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-216-239-76.us-west-2.compute.amazonaws.com
www.storygize.net
4    192.132.33.46 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 46.bidtellect.com
bttrack.com
6    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
9    35.157.107.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-107-235.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.210.239.72 (Mountain View, United States)

ASN19527 (GOOGLE-2 - Google LLC, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    136.243.75.32 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hosting.adhigh.net
px.adhigh.net
7    52.18.172.27 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-172-27.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
4    23.5.109.152 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-5-109-152.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    35.176.88.2 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-176-88-2.eu-west-2.compute.amazonaws.com
aa.agkn.com
6    3.224.181.188 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-224-181-188.compute-1.amazonaws.com
i.liadm.com
6    34.253.243.224 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-243-224.eu-west-1.compute.amazonaws.com
ml314.com
5    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
7    147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
loadm.exelator.com
4    185.59.220.29 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-20.cdn77.com
load77.exelator.com
1    185.31.128.129 (Netherlands)

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)
p.rfihub.com
1    37.18.16.16 (Moscow, Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
1    2607:f8b0:400a:808::2003 (United States)

ASN15169 (GOOGLE - Google LLC, US)
csi.gstatic.com
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Apex Domain
Subdomains		 Transfer
127 taboola.com
cdn.taboola.com
trc.taboola.com
match.taboola.com
cds.taboola.com
images.taboola.com
1 MB
114 gazetaexpress.com
gazetaexpress.com
www.gazetaexpress.com
message909.gazetaexpress.com
4 MB
44 cloudfront.net
d31qbv1cthcecs.cloudfront.net
d2zv5rkii46miq.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
1023 KB
42 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
383 KB
36 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
cms.insticator.com
15 KB
29 aj1431.online
aj1431.online
34 KB
20 openx.net
projectagora-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
17 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
212 KB
17 scorecardresearch.com
sb.scorecardresearch.com
11 KB
17 googletagservices.com
www.googletagservices.com
436 KB
15 adnxs.com
ib.adnxs.com
12 KB
14 gstatic.com
fonts.gstatic.com
csi.gstatic.com
194 KB
11 exelator.com
loadm.exelator.com
load77.exelator.com
7 KB
11 facebook.com
staticxx.facebook.com
www.facebook.com
an.facebook.com
2 KB
10 google-analytics.com
www.google-analytics.com
71 KB
9 bidswitch.net
x.bidswitch.net
3 KB
8 adsrvr.org
match.adsrvr.org
3 KB
7 crwdcntrl.net
sync.crwdcntrl.net
4 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 mfadsrvr.com
rtb.mfadsrvr.com
4 KB
7 criteo.net
static.criteo.net
98 KB
7 criteo.com
bidder.criteo.com
1 KB
7 pubmatic.com
hbopenbid.pubmatic.com
504 B
6 ml314.com
ml314.com
3 KB
6 liadm.com
i.liadm.com
2 KB
6 fontawesome.com
use.fontawesome.com
256 KB
6 districtm.io
dmx.districtm.io
1 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
85 KB
6 smartadserver.com
prg.smartadserver.com
8 KB
6 adform.net
adx.adform.net
2 KB
6 projectagora.net
projectagora.net
464 KB
6 projectagoraservices.com
ads.projectagoraservices.com
65 KB
6 creativecdn.com
prebid-eu.creativecdn.com
creativecdn.com
ams.creativecdn.com
2 KB
6 google.com
adservice.google.com
www.google.com
2 KB
6 google.de
adservice.google.de
www.google.de
2 KB
6 facebook.net
connect.facebook.net
318 KB
5 rlcdn.com
idsync.rlcdn.com
2 KB
5 teads.tv
a.teads.tv
sync.teads.tv
t.teads.tv
186 KB
4 agkn.com
aa.agkn.com
1 KB
4 bluekai.com
tags.bluekai.com
1 KB
4 bttrack.com
bttrack.com
1 KB
4 storygize.net
www.storygize.net
2 KB
4 contextweb.com
bh.contextweb.com
3 KB
4 powerlinks.com
px.powerlinks.com
2 KB
4 adxpremium.services
s2.adxpremium.services
1 KB
4 rubiconproject.com
fastlane.rubiconproject.com Failed
pixel.rubiconproject.com
956 B
4 googleapis.com
fonts.googleapis.com
3 KB
2 adhigh.net
px.adhigh.net
945 B
2 consensu.org
sourcepoint.mgr.consensu.org
2 KB
2 projectagoralibs.com
projectagoralibs.com
170 KB
1 hybrid.ai
dm.hybrid.ai
407 B
1 rfihub.com
p.rfihub.com
706 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk
266 B
1 summerhamster.com
www.summerhamster.com
181 B
1 quantcount.com
rules.quantcount.com
352 B
1 quantserve.com
secure.quantserve.com
6 KB
1 alexametrics.com
certify.alexametrics.com
552 B
1 gjirafa.com
video.gjirafa.com
1 lijit.com
ap.lijit.com
627 B
1 emxdgt.com
hb.emxdgt.com
313 B
1 casalemedia.com
as-sec.casalemedia.com
911 B
1 onesignal.com
cdn.onesignal.com
3 KB
1 twpasol.com
twpasol.com
1 KB
1 adxbid.info
adxbid.info
78 KB
1 windows.net
gjstatic.blob.core.windows.net
8 KB
0 sonobi.com Failed
apex.go.sonobi.com Failed
631 66
Domain Requested by
110 www.gazetaexpress.com www.gazetaexpress.com
d3lcz8vpax4lo2.cloudfront.net
55 trc.taboola.com 20 redirects cdn.taboola.com
www.gazetaexpress.com
33 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
www.gazetaexpress.com
29 aj1431.online www.gazetaexpress.com
aj1431.online
25 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.gazetaexpress.com
d3lcz8vpax4lo2.cloudfront.net
24 images.taboola.com www.gazetaexpress.com
cdn.taboola.com
22 cdn.taboola.com www.gazetaexpress.com
cdn.taboola.com
20 match.taboola.com
20 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
www.gazetaexpress.com
17 sb.scorecardresearch.com 4 redirects www.gazetaexpress.com
cdn.taboola.com
17 www.googletagservices.com www.gazetaexpress.com
securepubads.g.doubleclick.net
d3lcz8vpax4lo2.cloudfront.net
15 ib.adnxs.com adxbid.info
projectagora.net
df80k0z3fi8zg.cloudfront.net
www.gazetaexpress.com
cdn.taboola.com
14 cm.g.doubleclick.net 14 redirects
13 fonts.gstatic.com www.gazetaexpress.com
www.google-analytics.com
d3lcz8vpax4lo2.cloudfront.net
10 eu-u.openx.net 10 redirects
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
d3lcz8vpax4lo2.cloudfront.net
10 www.google-analytics.com 2 redirects www.gazetaexpress.com
9 x.bidswitch.net 9 redirects
9 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
9 d3lcz8vpax4lo2.cloudfront.net www.gazetaexpress.com
d3lcz8vpax4lo2.cloudfront.net
8 match.adsrvr.org 6 redirects
7 loadm.exelator.com 7 redirects
7 sync.crwdcntrl.net 3 redirects www.gazetaexpress.com
cdn.taboola.com
7 sync.mathtag.com 7 redirects
7 rtb.mfadsrvr.com 7 redirects
7 pagead2.googlesyndication.com www.gazetaexpress.com
7 static.criteo.net adxbid.info
projectagora.net
7 www.facebook.com www.gazetaexpress.com
connect.facebook.net
7 bidder.criteo.com adxbid.info
projectagora.net
7 hbopenbid.pubmatic.com adxbid.info
projectagora.net
6 ml314.com 4 redirects
6 i.liadm.com 2 redirects www.gazetaexpress.com
cdn.taboola.com
6 cds.taboola.com www.gazetaexpress.com
6 use.fontawesome.com d3lcz8vpax4lo2.cloudfront.net
6 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
www.gazetaexpress.com
6 c.amazon-adsystem.com d3lcz8vpax4lo2.cloudfront.net
c.amazon-adsystem.com
6 prg.smartadserver.com projectagora.net
6 adx.adform.net projectagora.net
6 projectagora-d.openx.net projectagora.net
6 projectagora.net ads.projectagoraservices.com
6 ads.projectagoraservices.com aj1431.online
6 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
5 idsync.rlcdn.com 3 redirects
4 us-u.openx.net
4 load77.exelator.com www.gazetaexpress.com
4 aa.agkn.com 4 redirects
4 tags.bluekai.com www.gazetaexpress.com
cdn.taboola.com
4 bttrack.com www.gazetaexpress.com
cdn.taboola.com
4 www.storygize.net 4 redirects
4 creativecdn.com 4 redirects
4 bh.contextweb.com 4 redirects
4 px.powerlinks.com 4 redirects
4 pixel.rubiconproject.com www.gazetaexpress.com
cdn.taboola.com
4 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
4 s2.adxpremium.services adxbid.info
www.gazetaexpress.com
4 adservice.google.com www.googletagservices.com
d3lcz8vpax4lo2.cloudfront.net
4 adservice.google.de www.googletagservices.com
d3lcz8vpax4lo2.cloudfront.net
4 fonts.googleapis.com www.gazetaexpress.com
d3lcz8vpax4lo2.cloudfront.net
3 cms.insticator.com d3lcz8vpax4lo2.cloudfront.net
3 an.facebook.com projectagora.net
3 message909.gazetaexpress.com projectagoralibs.com
2 px.adhigh.net 2 redirects
2 sourcepoint.mgr.consensu.org projectagoralibs.com
2 t.teads.tv www.gazetaexpress.com
2 projectagoralibs.com twpasol.com
projectagoralibs.com
2 www.google.de www.gazetaexpress.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 a.teads.tv www.gazetaexpress.com
a.teads.tv
1 csi.gstatic.com securepubads.g.doubleclick.net
1 dm.hybrid.ai 1 redirects
1 p.rfihub.com 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 ams.creativecdn.com 1 redirects
1 sync.teads.tv a.teads.tv
1 www.summerhamster.com www.gazetaexpress.com
1 ad.doubleclick.net www.gazetaexpress.com
1 rules.quantcount.com secure.quantserve.com
1 d2zv5rkii46miq.cloudfront.net projectagoralibs.com
1 secure.quantserve.com www.gazetaexpress.com
1 staticxx.facebook.com connect.facebook.net
1 certify.alexametrics.com www.gazetaexpress.com
1 video.gjirafa.com www.gazetaexpress.com
1 ap.lijit.com adxbid.info
1 hb.emxdgt.com adxbid.info
1 as-sec.casalemedia.com adxbid.info
1 prebid-eu.creativecdn.com adxbid.info
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 cdn.onesignal.com www.gazetaexpress.com
1 twpasol.com www.gazetaexpress.com
1 adxbid.info www.gazetaexpress.com
1 gjstatic.blob.core.windows.net www.gazetaexpress.com
1 gazetaexpress.com 1 redirects
0 apex.go.sonobi.com Failed df80k0z3fi8zg.cloudfront.net
0 fastlane.rubiconproject.com Failed adxbid.info
projectagora.net
df80k0z3fi8zg.cloudfront.net
631 95

This site contains links to these domains. Also see Links.

Domain
www.shkabaj.net
Subject Issuer Validity Valid
sni27209.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-09 -
2020-06-16		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 2		 2019-05-30 -
2021-05-30		 2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-25 -
2020-10-09		 a year crt.sh
teads.tv
Let's Encrypt Authority X3		 2019-10-30 -
2020-01-28		 3 months crt.sh
sni25929.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-07 -
2020-03-15		 6 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-10-11 -
2020-04-18		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
aj1431.online
Let's Encrypt Authority X3		 2019-11-19 -
2020-02-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018		 2019-01-11 -
2021-04-11		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2019-03-11 -
2020-05-10		 a year crt.sh
www.google.de
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
certify.alexametrics.com
Amazon		 2019-07-26 -
2020-08-26		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
message909.gazetaexpress.com
Let's Encrypt Authority X3		 2019-10-14 -
2020-01-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.summerhamster.com
Let's Encrypt Authority X3		 2019-12-07 -
2020-03-06		 3 months crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
sourcepoint.mgr.consensu.org
DigiCert SHA2 Secure Server CA		 2019-04-22 -
2020-04-29		 a year crt.sh
ads.projectagoraservices.com
Let's Encrypt Authority X3		 2019-11-19 -
2020-02-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.smartadserver.com
Thawte RSA CA 2018		 2018-09-07 -
2020-02-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-12-03 -
2021-04-06		 a year crt.sh
*.insticator.com
COMODO RSA Organization Validation Secure Server CA		 2018-05-25 -
2020-08-26		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
*.taboola.com
DigiCert SHA2 Secure Server CA		 2019-09-03 -
2020-09-10		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
g2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-21 -
2020-11-12		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-12-10 -
2020-03-10		 a year crt.sh
*.liadm.com
Amazon		 2019-01-25 -
2020-02-25		 a year crt.sh
*.ml314.com
Amazon		 2019-03-16 -
2020-04-16		 a year crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3		 2019-11-12 -
2020-02-10		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 45 frames:

Primary Page: https://www.gazetaexpress.com/
Frame ID: F38A6512E0C58EF96A36FB8AEED08707
Requests: 196 HTTP requests in this frame

Frame: https://video.gjirafa.com/embed/t7-live
Frame ID: F475F48855FBC4128407ABAE703AF265
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: E598FF737BF97DF0D955F83C2CFB1023
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 2B3AAFEF3CA24F4015D08A40BCDD7077
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zPHfoqiugB_Fs0MOdBYrvGaKMMs5E0rHEd8fETbfvKLpJ4vlWx5gNOg8rhF09EtG5sTeDTZ3iFCiIwkTDiPNjaI9zsIiPw0ZjKxIQ3Tt6IlS9yOpDaLLY9ZuuTsEMheKD8pEfBTPXz3ZPfQGeI3nUHZKp87BelKMOLWT8XySCTrEAkqdFtq4aa5vKesaF5-uBpNbz0sJ0PflwyYFvdr7jNXmyDA4DPLY26QZSqX-ykXk5yjq9IoM0Zz5HxCw7zh8XGJahfpRsky_70tDNyc1LS0Ap0xxfUQw4HPqZJLN1MuDXDcyFALCyV2KsJIOf9etnqs7lziWyWXCeY5vmjQ?DC=WZ
Frame ID: 8575A1BD20B7D6BD409FA2666746270A
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zQrp5IzbscUBfbi67hWd7SOqUAR4-Jn-P8RqVByU2heLTAQ73OkJtEQM4SizSirI-IxK6oAiP552Jc9r9MI34Zo9p4B4lu3LlA1GMr65udYlzBkBC7MQmn1pR9doZtjqRLI29LevfXLQYVKZyEfCxGfkzacV7wGXV7tUlg8YXUtnvNleYm1lns4-uqKqTBMzs_1ZxZPu3fzBtMr26uU_x0Ad6hO8TmOV_HLMvgcsoyL4nDc1qv0ww5XIKNURNCvgu3QzF602JRVO6hvn8TKvripyjTNBomlYTxo3oX1T3XIBjVj6ENm-EkEj9C2KUUDs_X2bu_brgmlx8nRPBXA?DC=WZ
Frame ID: D6A8B1B6A5796B5BFB4983B5ECC1C526
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zs2oYYavANioK0K0RVhwlQTvkVg72aEpuiLmyjUoGZVOuZAmmmpl1YXO9clKyncgzuN568hzipJvvDs1UdXK5t_lKm2W1qEzbbcxxe6CD6DnMnvsgMBpfjvdG6xDvu11IVX97L6Etcv7N_ku7FKWryhRpFn-Bsc1BUEFawjszHM1Oi9Y0lHB8-JUYEEVervj2Bq6q-vuLytxqftrhGsG5YJdkAciATm4E3WMgQ3bh7TfErQekJkY0x6bTdo0DzjWPbdG8hYaB8pZemn28vEdmveolZc0a2JPYecDdOmTvL65JKGNuDkWJqm9DRcNLo_tg9GdbK7RLJHLGy8U1yw?DC=WZ
Frame ID: 7BC466FD4C8D67938E5F66706ECCFE1B
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: EE950B18EA27BD7DC23559207C1276A6
Requests: 13 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5043
Frame ID: 3920B6D331AAF6B628C3CCC5419982E9
Requests: 12 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: DD0C77D57B7B89A84759E48A7390FEC2
Requests: 13 HTTP requests in this frame

Frame: https://aj1431.online/zA8GQhEFwkFCagpNs2aikb7BKG1_KVRvPCftZuDRXaozxo7mApJI6yzSmt-9kperAFGMIRA_3AUT2a6yUP-8n4Q_-RQcsdB33mWn1kO_bFOHo0fG-uippl-z8Li3yQb6YqneAkJknoqN6gMhSHKdUx24x3MXZaqrVqGU_sD9WTTu1rA9LchYtGmi2la8v2R8el2DWUeVrE_OxHKPy1voPIBcNavi4qy65DtEdrIztN-H6YBqjsuhG2v1hWug6LBakraqTW4TTqWDdoY7j-82n7dOStof3AJz05-OLPnOwAJlxQremFxnpvx1ua3jVw6IsWIiHqfw35m_7DTtgCMM?DC=WZ
Frame ID: C5CF4E346044B80919D2B5070A4659BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5043
Frame ID: CD7FC4819E91B557E0883F1FB86976D5
Requests: 12 HTTP requests in this frame

Frame: https://aj1431.online/zmULkp7hDV6ivAnNDTJ84AB2HFFS5gYi8RLQ_aJ0YQPHQSYm5qz82Hv-itdVB5G2HtqV4ddmM5TvPCJ5FqVSk_HKLUEjwk083NvTLz6LoyrOS0oZY-2sd79oBSTn4WSRsqBAGsobQPTLsRkBNCNX7078LRQUBKon4_QAPdbQQvS54E6vjMTfWXYChs92D8vCFQBlRkx8J9DHue3RvvqsIAx2cxUvVKtmAUeoD_71bLmxIKNdL0T74dsz3rMCAHLAi0zjJxcYWcpQz0aHKimf-qxM9c-dNSAoEBDdLxeR7Vizn0nbUcbAWSt_cN5zUC5nJ7gUvn4Tw-bIaWlYqTw?DC=WZ
Frame ID: 052F6D7D67DEE918B0C8B4B8AFDFAE57
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zTANkBJ4-Iri8Djqfi3AlbRLDnBfyF3Gwut5WDe-4JbDgSQT63NVtXm5ye7E6jOSx_QSRRbx0BMLZMAdrsDBRlGt9MWccpWgI79-97vRGPY7c0KHTtbOzi49pBuqH-8hIg85P56pw599A3TTBR0-Ngjryl0TmMbQe1kkBi9Y4dCgbf637vYn6G0c93O_PjZczorF0LoSAwsRdfhW8qshavA1j9BUyEsV10Dg9QENjzSDA_Tp5pNJdyST7JGxSs9Mp7PhfN-cQJztY_kEpa_UCrCa5sUYsM46ZCdXdJMA1jpmpzFzbPSDxuhNgS_kopKipty4_cwbzyswhSC3WYok?DC=WZ
Frame ID: 6E7E8DD89EA501714594168027636A76
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4360
Frame ID: C5E6B355CCABDE070A5B4DD2AD16CB9F
Requests: 13 HTTP requests in this frame

Frame: https://aj1431.online/zF9jSHzKzKpXnjO2I0zHg47ixRzro_rKhTLFLBKnpSWhDrg6C6K-MQJWbqxPbX-BbEbhMhusLudAy8kOXsBIb2HHyaCAobY5naOFcjMjrRsKS9e-i8-cBEoqEAfogDb2yxyTB1fbsoygqcWfVQVP0ZLXBySgEoNj_UGwvi3A8ENUjxJ6gsTl8C-vZfPUN7CHJGzKNizGZQnx7sMMZ4fPBhUxqmnN_e43TjmpOjDME4sOqjDmzsEIZ0Rba233_hpiv4vWCvJr-GqMQfaZn4LOQ0Swgr0J_D0sCkt33nRQXmU1eIiCcnVl5S3KB3alm_mylDq4wV2z5RsRGzVKLwnM?DC=WZ
Frame ID: 11D36358EC7BAE0FD7DBE17A3FCC2C60
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5043
Frame ID: B448F30AC3C02AC275FF1006CCCA9380
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZfOTsTD3LyxqD8mFKRYS-IFlQdk-w3qSp3lPd65eNDCnyKT_LxZt9WYAl9mFMEo02UHFLErJPWh1aGKexTVFnCvLv_nQok5pUGJa8JiDJz89dnMo1uoq6ks05RHHO-DQ2cmKEtX5yxoEjWz2N7ER70L4Sms-qNyb4ceKnTd-eTJX0xcohNyZJvhvScQn9A483ZpIqxxuiSGm7_K0x-OEgG-oxT5xXz-0qv6tKmQpt9eK71xu_y3yjyUBcH_X-73AD3jhMY_u_E2yX_tuBSl8I0LPOdafOr_Bf&sai=AMfl-YSSjOh_ye1jXxuRec9uN5r1PeJ4XmRD6kDn8hExxUfofRkoT9z2a03OggQLBZHa-uBubYY2moELzw7f49C8fGbX1AVP4GhsEaonGPJF&sig=Cg0ArKJSzMdh6YGXrQiyEAE&urlfix=1&adurl=
Frame ID: BBB21D662AEAABAD2CA1E917C1FA1D82
Requests: 29 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPzsPcHFuIi6M1PCqFX1aucS5KPr5nCb_5Ht_GX15qFub5dIhlM4JktGZkxSIc1peGDo-ujVl83QXRPK_-QcFiGGeCM5QBKRnKy0n_AbdvPwn14ySe_sHmEhncflZcOdUdNBkFYEBX5IDfelm78xMe1uf3LbGOTsXyU_MZDqW23OGnZaD87HYN4J95tniKIpo9pn2lhxicluOJTzraOJO0V3E8U2fZRjgVa67F7jO7KDSrqHKUmZuHwBn93RFfb5LJbooBDPx1FvWjQCXWf7URwvyfoDeg4L-nfCB2_NN-eA&sai=AMfl-YTTTF2q2iHhsniBXkleTWFjVGTrOT9wdrCUY8RGBqJPoujg8wY2tyF5mY40xEnK3jGkvpqH2xKVaWk7pTKBObpFGRNf_erdm1zeTcfu&sig=Cg0ArKJSzESCLXIZvnk0EAE&urlfix=1&adurl=
Frame ID: 8A1CA7C3B485A57D5D9A714A3F6DB256
Requests: 27 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRF0c_f8l_tGgPeCXioQuTHegnI12xif259K2zAktxb4SaPoC0jB8lCnMHSqYhazV8pBTKi8qCUCeV_-4gAyWxC7neyxj-aOLBnfPMnwV-3MQLH_QSl1JwJm4KT8zRw0mkpbCzBfF3RIv0HZFvbz61UkEGAT--fnDGVOuXVZC2bqGgOFC2MdDS0qagBUH1k4LTVrRHppDLNPLLBrfRECo8mXGhUTcBLUUCaqt6XAPM5fc1FbfOHIgoXOo7SDcwuBIu8jPiHJLdTZu71i9yq4v-z1dSSQAtSbE&sai=AMfl-YTshTPnXdnjpRtYNq-tUUTna6jOOkcmCafRieAg-jXYT_2zwuaT1MbWFr7ikCgNwWNZQt7P8ePfo4GwCrBV9NCW4-IqQxkD5zynO4pr&sig=Cg0ArKJSzOw8GTBK_inHEAE&urlfix=1&adurl=
Frame ID: 8B6C23A19A70508BD523E4D037B5DC5D
Requests: 27 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: A406790DC8833DAD3F958830BA36B57C
Requests: 1 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Frame ID: 821979EC974CFC764AD939FA7355BDBE
Requests: 29 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Frame ID: F9DBF29B7565AA333395F2779B045ADC
Requests: 29 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Frame ID: 21D9960AF7433DDB8712B0F3F6B6C9C6
Requests: 29 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: BC2DB02822F246C1763E067A835615AA
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: A6A3CFC58A9FF803D39CB99BD92A3660
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 6974A2520416DD01A3F8E79ABEDCA10F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Frame ID: DFB798B68515E9045D2FE2E2951ADEEF
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Frame ID: 6772A59912D7802687D4CD5EA96C9C88
Requests: 15 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Frame ID: 97876E2AB19D1E6EAFBABEEAC3137EAC
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Frame ID: 51B7B2248D729414E27B32B40D731662
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Frame ID: CC4879B0F0352FEE68C0EFFB0A97D0D1
Requests: 15 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Frame ID: 3490D25086F709C1DE8A3298D1172F71
Requests: 15 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7be3af2a-fcd5-45e8-8bd8-79dd835f3294
Frame ID: 3FF0C4BD5F8F8184761E48A4D4AF916A
Requests: 14 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3447178f-12e5-4170-ab92-b8fdecbd869d
Frame ID: D13C8AD824EBF3830274D3811820DE16
Requests: 14 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Frame ID: 57F38BC40A018F006327E8F20B993AC9
Requests: 7 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Frame ID: DABFA77B12C139A114A22C6712E856C7
Requests: 7 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Frame ID: 743E9405FEF1775C4F2C6054AAF46552
Requests: 20 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Frame ID: B1FB02E892F4F45FEFE6BE7BBBB9A24D
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNArvaFQ5Mw-MF4dlyaCfO8bkbwXgnkaa4vWC4kbyjCt2Wk5YoQ2-svqtMC-wydw8MnM_-luYDZ0Iz3kCN9Vhb0AIur2IErjRLVXVXpTrPQGvhncDv4XeCoND5NKNBt8gUEl0n3ghOzbaDXtZ30kXUFY4SEEuBAb__5qDdUmDZ-K6ZZcI06eCTiBqKf90R-lbI12YSOoa2FqffNrjc3qXht_xwsH5JNEYQWhzXOE_0bH4Z3QJaGKOhWQUwVMlwQ1AI2rQqeieGz5cO6J7Fpdh8FvFhEBGyFkN8ud7F&sig=Cg0ArKJSzKuGlQWEjQCREAE&urlfix=1&adurl=
Frame ID: 8745F923857C5A1410BA9A16FED9385E
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4vQQsyDiyfNYSBTfit7OMmBoHCIs3w5Jw25oIB8k3S6v3I1RcFiRKGW49FzBs1hPanYgAwE6YOB9hKSzEpI4w2DBCKVw_jt4QiinduL1hDaYqCnX7UFa0Z8QIyoYTWH43NQAFgbnsRV60imBkgcj_qxc_OnfGpbVojqRbzFsQD09D41KZWh37Ze6bzoJCs1UV31x18qYFZix2_-Rrf71XJZu0IDPuVho_tnutDhfFDxqI69C1nCprK42Msfz-djlvqKv6613-fUtDoRuQuincoCNDRzF-azFN12ji&sig=Cg0ArKJSzAEdJnxYByWoEAE&urlfix=1&adurl=
Frame ID: AE91E7FDF12FE61ABEC0C37EDB1ED3B4
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw7w7Z1hkTrAbpx1awabvu8U0ETUUgiu1AGjehOd-kJCl7rElIxHJLmTpxIENElvNn_iE_Knpl0zkPauiZsfOehzw5Ul18cw8HhiUnGR6dyUGMGcbV-dKfxN2t_ihVUHZNutcn1vc9fWSBJzLXSzw52T1ysN8pY1hkgQd__Hz6Sat-A0Lh9PIEiBo_9tqj_wp24GsmafF3ekgRam2CfNSrWh0WXgfQus4f4cOHupSWRleiJ5yHC1v2fQAxTQaV4-O-kkpMgTLGK5FUgyWOqyNWFSBchvkig9ke5b1V&sig=Cg0ArKJSzA3w8_C7ACLWEAE&urlfix=1&adurl=
Frame ID: 3B47B02BBDAC4AECA559E7B1816DAE18
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFkFJRTmB_EB401g2D7cKiMrogjVttbhZiwuy5mOqMYpg8dF_IxQ7RO0WLOj4TyuHjefJ2k3w1rpBcxO9sARkcy6Ts2Pgp8R5GYe3MQHf5u8VMJsNbWtYXZeDhv_isQ9DHPMICYD98Rf8FMFz6fawhk2FVhsHGZR503kTOs5YUqT_rK_ip7mkw4yGpEKRy70EJyw95ilV2-OK7Wk_xKgSwWEik84W00lTojQrWNgv-8JwBYlQ3texV-jhLgHj2RannCCeual73XL086Y26NGx4azXr8ucwPolaqIOL&sig=Cg0ArKJSzGnllRot4W9YEAE&urlfix=1&adurl=
Frame ID: 4DFBA21C2F647857AE5869B5AF38B9F4
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYhyVTzVcvtH1dC7digBXKIDBzYxkLvwXI8fZc_7IcbOLdfb67GESAS-RYGh141z6cPUjEtKVebWrcMoOVzfdHTnGXD45GiZaOVSyI5UIcw02elRcauFjEiN-0uZKL_nr9AmPpYwhqPNd4xplZKmMfNzIMDyNIUWuZLKEjhmSqnZeSho0_stFEKS7bCdl5U2RtQmFZQmKA6UAI34pQkZCSZYyrcZBwsc7i2CETaNzAlRJnxE1ZYIZQlgMdw54X7DnnPHUMuZUuHFtG4pGIVry2BV5g3tYg5HInvbTm&sig=Cg0ArKJSzP9mjSJ3sMvwEAE&urlfix=1&adurl=
Frame ID: D10379EE87B4B7CBE7104BD58DEB449E
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCS6na8Fc8gKXItJGDGmOCAMSihV84tYAkTTfCVZbT-M-TnKkcmS1ImzIl3SVnK2UBw7jHBj-XxXZ28YNuWiJ-Wt6zKJdJc83o2CzgULfSvlIS_Ogci-DsX5nE1lSrD6yoTinGi-0aPNhthmsHhr2Idqal03S5xiBFbLOpG9udF1KUC4S1HFoR4sR7ybKyfJ652nLM02e3f9a07NXJU2UfiP5Es3nsuoR32zJ7YemXE4l9xy9tfOFYoS7k939IodLHh931gvAyVaJqNyMggmQ6T_9-cAvu9ik9aWWA&sig=Cg0ArKJSzFPkJ4vFUrX8EAE&urlfix=1&adurl=
Frame ID: B66881630EB9648190BD9C9112EFDC12
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://gazetaexpress.com/ HTTP 301
    https://www.gazetaexpress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

631
Requests

95 %
HTTPS

34 %
IPv6

66
Domains

95
Subdomains

70
IPs

12
Countries

9624 kB
Transfer

19041 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gazetaexpress.com/ HTTP 301
    https://www.gazetaexpress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 135
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1739626592&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABB~&jid=1187998644&gjid=1415215082&cid=579362629.1576418099&tid=UA-6427330-1&_gid=1963582079.1576418099&_r=1&z=1093338573 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_gid=1963582079.1576418099&gjid=1415215082&_v=j79&z=1093338573 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_v=j79&z=1093338573 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_v=j79&z=1093338573&slf_rd=1&random=3425747818
Request Chain 160
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1576418099450&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=98601962&cs_ucfr=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1576418099450&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=98601962&cs_ucfr=1
Request Chain 404
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103588&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103588&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Request Chain 414
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103650&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103650&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Request Chain 434
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7be3af2a-fcd5-45e8-8bd8-79dd835f3294
Request Chain 436
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Request Chain 437
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=31d25df6-2ed6-4d00-b8af-e30806530a97 HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=31d25df6-2ed6-4d00-b8af-e30806530a97 HTTP 302
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=31d25df6-2ed6-4d00-b8af-e30806530a97&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D31d25df6-2ed6-4d00-b8af-e30806530a97
Request Chain 438
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=lhg8HtvGIndc&ev=1&pid=562107
Request Chain 439
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola&tc=1
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIVa5wBqIOw0oLnYMhJsSPc&google_cver=1 HTTP 302
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEIVa5wBqIOw0oLnYMhJsSPc&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEIVa5wBqIOw0oLnYMhJsSPc%26google_cver%3D1
Request Chain 443
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75 HTTP 302
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Request Chain 444
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=d9aff713-b302-48ba-9a9a-1ea1176c099d-tuct4efc0b7 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d HTTP 302
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=ff993c3c-5b52-46f6-b3e1-95663c8e1e82-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b325-254a1ad3506d
Request Chain 447
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=576580db-d490-41fc-a49e-98abb96186c7&bsw_param=576580db-d490-41fc-a49e-98abb96186c7&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=576580db-d490-41fc-a49e-98abb96186c7 HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7 HTTP 302
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=85acec79-5ae6-4f60-917e-13517f414ec9-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Request Chain 450
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3447178f-12e5-4170-ab92-b8fdecbd869d
Request Chain 452
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Request Chain 453
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=c33c5df6-2f72-4f00-9d8f-d9dd809ba679 HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679 HTTP 302
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f00-9d8f-d9dd809ba679
Request Chain 454
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HLvvm2g7irej&ev=1&pid=562107
Request Chain 455
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&google_cver=1 HTTP 302
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
Request Chain 459
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75 HTTP 302
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Request Chain 461
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola HTTP 302
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=eLwtWLactvL.AikABlFvCddcYw&expires=30&ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7 HTTP 302
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Request Chain 463
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d HTTP 302
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b325-254a1ad3506d
Request Chain 468
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103917&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103917&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Request Chain 494
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Request Chain 496
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900703270000745660
Request Chain 497
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=cde76ad400c54219a8e8da67c8f1a4dc
Request Chain 498
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766353900372054 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwNjc2NjM1MzkwMDM3MjA1NBAAGg0IvPbY7wUSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=908a3f0bced6535364c5410dc363eb52f5798213223da0a40a13e820ac1b1906f4cb09cee1a4f8eb&person_id=3606766353900372054&eid=50082
Request Chain 499
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 506
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Request Chain 508
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603270000746800
Request Chain 510
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766353900372057 HTTP 307
  • https://ml314.com/csync.ashx?fp=&person_id=3606766353900372057&eid=50082
Request Chain 511
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 523
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Request Chain 524
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679 HTTP 302
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f00-9d8f-d9dd809ba679
Request Chain 526
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164920803270000747262
Request Chain 527
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=fa6a289a032041ef8cc1374c1f5e7cc6
Request Chain 529
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
Request Chain 531
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 533
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1041527796500657537&expires=30&ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7 HTTP 302
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Request Chain 535
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
Request Chain 537
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qa08TFmQ6nKQ&ev=1&pid=562107
Request Chain 538
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
Request Chain 539
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&google_cver=1 HTTP 302
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
Request Chain 540
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75 HTTP 302
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Request Chain 541
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a HTTP 302
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e50-bddc21ca5f3a
Request Chain 547
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Request Chain 548
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
Request Chain 550
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=ln20WQhw4jVmA-vE6XR5AG9NKsxKhIQryFDy4bgu3hc%3D
Request Chain 551
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=f6da5df6-3218-4a00-8f08-880a150a2675 HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=f6da5df6-3218-4a00-8f08-880a150a2675 HTTP 302
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f6da5df6-3218-4a00-8f08-880a150a2675&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Df6da5df6-3218-4a00-8f08-880a150a2675
Request Chain 552
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=D6bDGW9mdRwa&ev=1&pid=562107
Request Chain 553
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
Request Chain 555
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164890803270000746682
Request Chain 558
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
Request Chain 559
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&google_cver=1 HTTP 302
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
Request Chain 561
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75 HTTP 302
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Request Chain 562
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a HTTP 302
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e50-bddc21ca5f3a
Request Chain 563
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 565
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://dm.hybrid.ai/bidswitch-match?ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=258&user_id=8704ac38305b7b56764f&expires=30&ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7 HTTP 302
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Request Chain 572
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHB81AccF4Wo5MB_q5J5RGE&google_cver=1
Request Chain 573
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHeFMHpi8RdjwPsCxNIDcS4&google_cver=1
Request Chain 574
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB76TuhhDS5hiSqXH7VTkCM&google_cver=1
Request Chain 575
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGR0KxBgM3WbQ9kQO_S6A14&google_cver=1
Request Chain 576
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
Request Chain 589
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA HTTP 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
Request Chain 638
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1739626592&t=event&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=unbounce&ea=15_sec&_u=KGBACEABB~&jid=1716500656&gjid=770694033&cid=579362629.1576418099&tid=UA-6427330-1&_gid=1963582079.1576418099&_r=1&z=387515010 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_gid=1963582079.1576418099&gjid=770694033&_v=j79&z=387515010 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_v=j79&z=387515010 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_v=j79&z=387515010&slf_rd=1&random=3488275555

631 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gazetaexpress.com/
Redirect Chain
  • http://gazetaexpress.com/
  • https://www.gazetaexpress.com/
74 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3449924598a269ea4bb097a26449d60e8750ac58cd9bb7dc71e0d8116fd715b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.gazetaexpress.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=d50426db2490f41e100695c8ca02b5c5f1576418098
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 15 Dec 2019 13:54:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security
max-age=63072000; includeSubdomains
x-frame-options
DENY
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5458e99b8a19d8bd-AMS
content-encoding
br

Redirect headers

Date
Sun, 15 Dec 2019 13:54:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d50426db2490f41e100695c8ca02b5c5f1576418098; expires=Tue, 14-Jan-20 13:54:58 GMT; path=/; domain=.gazetaexpress.com; HttpOnly
X-Redirect-By
WordPress
Location
https://www.gazetaexpress.com/
Strict-Transport-Security
max-age=63072000; includeSubdomains
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5458e99a1b56c771-AMS
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"367 / 119 of 1000 / last-modified: 1576171782"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15846
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:54:58 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.79.176.48 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
60a6793e2a5b79a24da26057cc8088555eeb0d8767b7ab9649111902320ed516

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 15 Dec 2019 13:54:58 GMT
Last-Modified
Wed, 02 Oct 2019 09:38:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Yyk843K7TGWG7aNdGwsiqw==
ETag
0x8D7471C3ADAE253
Content-Type
application/javascript
x-ms-request-id
7bfd2e97-f01e-00c9-6c4f-b38d18000000
x-ms-version
2009-09-19
Content-Length
7462
gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
adxbid.info/ 		263 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7faa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04096f4650ad8700ccb70108993dc61536e5fd50bc7babe00a8119e5c21b519f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 11 Dec 2019 09:59:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cf-ray
5458e99c5e28cb9c-VIE
tag
a.teads.tv/page/76285/ 		848 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c41d4a15e6519eae34880cdc318f91fbbd6e5ddd6e92991a87a81f841f5489f4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
gzip
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
510
expires
Sun, 15 Dec 2019 14:54:58 GMT
gazetaexpress.com.js
twpasol.com/c/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twpasol.com/c/gazetaexpress.com.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:accd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41f187c0b24fe24b33a08d35b2290afd0233eedbd14b17a2267834a5dca946b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 09:34:23 GMT
server
cloudflare
age
5374
etag
W/"48f8b897515e15d1a01c28854606d8f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e99dadcf59b2-VIE
x-amz-request-id
E5D25879F294D74C
x-amz-id-2
XabZ0s2ukDgHTWVGIZHEm09SfUPgBIUY+3S7veJDSfPhZd3A8jljNIv6Rs31revqqpbowUcu49Y=
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
server
cloudflare
age
252220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99bfb81d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
blocks.style.build.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-polished
origSize=27723
x-cache-status
HIT
status
200
last-modified
Wed, 04 Sep 2019 23:49:11 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
5458e99bfb84d8bd-AMS
expires
Sun, 15 Dec 2019 03:39:06 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bec64e44830f22cecd81d3a043572dbbf3d50e887c572c0e212add2dc93aeb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Dec 2019 13:54:58 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 15 Dec 2019 13:54:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:54:58 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/css/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/css/bootstrap.min.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02757d53179a86b474d0a406b1eaaf1ff53cc755be7d5ba9586adafa8ec3a621

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:41 GMT
server
cloudflare
age
252220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99bfb87d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
jquery.fancybox.min.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/jquery.fancybox.min.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:29 GMT
server
cloudflare
age
252220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99bfb8ad8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
jquery.bxslider.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/ 		3 KB
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/jquery.bxslider.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce314178842e6606a8ff7626000deca961d99324be36eceba70a8df5f8f21c40

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
252220
cf-polished
origSize=4112
status
200
last-modified
Thu, 07 Feb 2019 17:34:33 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
5458e99bfb8cd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
font-awesome.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/font-awesome.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
252220
cf-polished
origSize=37414
status
200
last-modified
Sat, 09 Mar 2019 21:35:54 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
5458e99bfb8ed8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
style.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68ac06bf066af8b878c4ccb260f74a474c1f2b500843c38f18991880cd0fc133

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
252220
cf-polished
origSize=23191
status
200
last-modified
Tue, 16 Apr 2019 22:28:50 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
5458e99bfb91d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
wp-featherlight.min.css
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
age
252220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99bfb93d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
252220
cf-polished
origSize=96873
status
200
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
5458e99bfb94d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
age
252220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99bfb96d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
jquery-1.12.4.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/jquery-1.12.4.min.js?ver=1.0.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:35 GMT
server
cloudflare
age
252220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99c0bddd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
jquery.easing.1.3.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		4 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/jquery.easing.1.3.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
252220
cf-polished
origSize=8097
status
200
last-modified
Thu, 07 Feb 2019 15:01:35 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
5458e99c0bdfd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:18 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
239
etag
W/"2a5de8dd720175aa229445a5937a6c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5458e99da8f38c92-VIE
expires
Mon, 16 Dec 2019 01:54:58 GMT
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1d4b5ef1a4543911771f2502ceec0e9cbf6084e22ca25148a909daab5475e54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hjW/6Y2Jr2jdMmaEHMMz6Q==
status
200
date
Sun, 15 Dec 2019 13:54:58 GMT
expires
Sun, 15 Dec 2019 14:08:35 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1779
x-fb-debug
e/iygqHVvd9QKM1Dm0a6M1jGDfrrGC1G+oPUyc2iFf92jVw1Fs7VndGnunQehYFVvJ9vGfePblV7/sVJpS6Ztw==
x-fb-trip-id
420120009
x-fb-content-md5
6f8a4bd30471f1288369271a85f4a40c
etag
"45d35c39dc8f7dfed29f1c8e32c69711"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
041528fb.js
aj1431.online/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/041528fb.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
42b8b582a66413ff05dcd57133c964ac4ab3aa254816a376892831b50e6623c1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:54:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Accept-Ranges
bytes
ETag
"0d01fbbf693b748362ba62326df962d40"
Transfer-Encoding
chunked
Content-Type
application/javascript
ks-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/ks-flag.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1194c1d29ca7cd11f79be59b08fdca876dbed47faf13c6932ec89e338c9c607a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Oct 2014 06:23:32 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78a3d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
al-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/al-flag.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5057f8b1ced4dc7f9cd6dcad22abdf06e0dd16de9a9d6ad47e6f1bb2e0cf9a7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2017 23:56:12 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78aad8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
mk-flag.png
www.gazetaexpress.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/mk-flag.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80ed123fc6e616e3595c2172616add173dfb5085f72f4811f10bb45c35c1c1e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2017 23:56:06 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78afd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
en-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/en-flag.png?12
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe33dcc2df517cdd648947e2d644014e8dc13b42813314b7022c430420f24aa

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2017 12:24:41 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78b2d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
logo.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d860bcd49cc302f2ac6948ce99b714152920b39d660a72c82b75aff600967d03

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:22 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78bbd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
logo4.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo4.png?v=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:29:05 GMT
server
cloudflare
age
252217
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78c2d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:21 GMT
GADIME.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/GADIME.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a366318312a5430409065a7e85830adb1a34578a1bd0c364d74faea4953527d4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 12:57:01 GMT
server
cloudflare
age
3425
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78c5d8bd-AMS
expires
Wed, 25 Dec 2019 12:57:53 GMT
xhabir-zharku33_1528871762-6348165-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/xhabir-zharku33_1528871762-6348165-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a26d33ba6c648956d985539ffeab6091d4272ebddf2d129d57b7bb101e6480

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 21:30:16 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78c7d8bd-AMS
expires
Sat, 14 Dec 2019 21:31:12 GMT
Dardan-Molliqaj1-730x440-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/09/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/09/Dardan-Molliqaj1-730x440-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15bc1e4f78e0c73695f46395bffb733b08b9b471850035d38493ff64019f3880

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 22 Sep 2019 21:24:44 GMT
server
cloudflare
age
0
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78cbd8bd-AMS
expires
Sun, 15 Dec 2019 11:40:45 GMT
xhemalahmeti-890x395-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/07/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/07/xhemalahmeti-890x395-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69b853208136000dc2008c0aa5b681f75d91f1c56800074ef4e6615b6f6c1b8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 21 Jul 2019 11:27:44 GMT
server
cloudflare
age
1
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78ced8bd-AMS
expires
Sun, 15 Dec 2019 13:12:30 GMT
KEKU-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/10/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/10/KEKU-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
954fd87b2831f0cd69ad6352c12b9656cf19faec3eb8fbe4343c4ea59a96535c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Oct 2019 11:35:30 GMT
server
cloudflare
age
1016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78cfd8bd-AMS
expires
Wed, 25 Dec 2019 13:38:02 GMT
Vedat-Muriqi-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Vedat-Muriqi-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8caf58a819f01943271d00606a52ec0f46f7fab41b3499100b5dba254c5a80

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sat, 07 Dec 2019 10:35:28 GMT
server
cloudflare
age
4420
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78d2d8bd-AMS
expires
Wed, 25 Dec 2019 12:41:18 GMT
Screenshot_7-8-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Screenshot_7-8-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df76895d91c62a47cb54db79d7f02abc0f969de0ec3b2444ca712b79d61464d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 12:35:20 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78d6d8bd-AMS
expires
Sun, 15 Dec 2019 12:36:07 GMT
sperma-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/sperma-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e5d3b5c2cbea7fe7d49fb20271ab4bd44c31edf1d6b0fd4a4a93c88efa4fdbc

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 06:42:32 GMT
server
cloudflare
age
25935
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78d8d8bd-AMS
expires
Wed, 25 Dec 2019 06:42:43 GMT
79479985_1012142905818506_916111043858530304_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/79479985_1012142905818506_916111043858530304_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09094e58f8654078d26bac3e0970b99066f9961e354c2f148708a6263bb7ff97

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 12:43:07 GMT
server
cloudflare
age
4289
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78ddd8bd-AMS
expires
Wed, 25 Dec 2019 12:43:29 GMT
gjermnet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/gjermnet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6b70ed41092145810eb7b5e769050bb37c1f41977e87e499dfdf106fb0ce07

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 13:51:36 GMT
server
cloudflare
age
74
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78dfd8bd-AMS
expires
Wed, 25 Dec 2019 13:53:44 GMT
79144288-778974432619970-4551229826840657920-n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/79144288-778974432619970-4551229826840657920-n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
415188063f906de5ed79e86bab9bafb565ed3e188a28d833645bd07974e4730d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 13:18:19 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78e2d8bd-AMS
expires
Sun, 15 Dec 2019 13:19:18 GMT
te-gjitha-shenjat-horoskop-770x433-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/te-gjitha-shenjat-horoskop-770x433-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97e7f04bbf43d7bba48152ddd3655e11829e08ecde06ac86b58909abd16c5e7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 06:10:03 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78e5d8bd-AMS
expires
Sun, 15 Dec 2019 06:10:56 GMT
Ronaldoo-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/11/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/11/Ronaldoo-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce74534ec518a825b427820c64bd4ccdcc78a2cc2ef6299e1110d7e35ff02f7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 20:47:33 GMT
server
cloudflare
age
1
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d78ead8bd-AMS
expires
Sun, 15 Dec 2019 13:26:00 GMT
1-213-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/1-213-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e602aa4d316b0c9a6f6f81fb5bc61afe7e869e11d8661032db04c3f8a6cd8d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 10:57:18 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8917d8bd-AMS
expires
Sun, 15 Dec 2019 10:58:11 GMT
t7.png
www.gazetaexpress.com/public/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/t7.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d8123861eb05f843af822d875f255d2578965d0974366b191ed99c2b09a24a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2019 14:02:37 GMT
server
cloudflare
age
252216
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d891bd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:22 GMT
Marreveshja-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Marreveshja-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52382611467b9b5657876fbef8d89e40f13eadb6c6ea55f511157122eb0a5cf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 13:48:01 GMT
server
cloudflare
age
383
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d891ed8bd-AMS
expires
Wed, 25 Dec 2019 13:48:35 GMT
Hong-Kong-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Hong-Kong-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab250f6372fb6a72debe125d1195e4cad09a6e77299aa1dc1b14d1a287512e4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 13:29:35 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8922d8bd-AMS
expires
Sun, 15 Dec 2019 13:30:15 GMT
peja111-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/03/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/03/peja111-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62df3f78de325c18cefc007ed22c3f9a8e46e001436ec2935493de58d72386d0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2019 15:02:28 GMT
server
cloudflare
age
6277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8925d8bd-AMS
expires
Wed, 25 Dec 2019 12:10:21 GMT
Rumania-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Rumania-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f76844b0495cc97fae5765a9786f1b977f878e505112cbc59ace3b3807f24a93

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 11:57:52 GMT
server
cloudflare
age
6749
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8928d8bd-AMS
expires
Wed, 25 Dec 2019 12:02:29 GMT
sonila-meco-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/sonila-meco-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
313d23901f6cecce4c3d9487e4fe617dff2572808a47492736f716c6ddb161b8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 10:24:21 GMT
server
cloudflare
age
1
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d892ad8bd-AMS
expires
Sun, 15 Dec 2019 10:24:43 GMT
av-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/av-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a329fc1a599ca07d6606a56a0ddff9954fcc355a788a5bd85365844aec4ef642

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 22:32:19 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d892bd8bd-AMS
expires
Sat, 14 Dec 2019 22:33:20 GMT
foto-kushtrim-ternava-betimi-i-kryetarit-te-ri-shpend-ahmeti31-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/foto-kushtrim-ternava-betimi-i-kryetarit-te-ri-shpend-ahmeti31-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
955a576f318bc552e92188388ba4e7e9c58b8395a120555fec04c005f47dcc0b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2019 15:07:09 GMT
server
cloudflare
age
0
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d892cd8bd-AMS
expires
Sun, 15 Dec 2019 11:02:43 GMT
express-lajmi-i-fundit-1-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/express-lajmi-i-fundit-1-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6d81383ff606e5fa260578fae4466016aa3e61c9c391cf2210c9e8bf69ad9f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 03 Dec 2019 11:19:02 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d892dd8bd-AMS
expires
Sun, 15 Dec 2019 06:07:11 GMT
express-lajmi-i-fundit-3-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/express-lajmi-i-fundit-3-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6d81383ff606e5fa260578fae4466016aa3e61c9c391cf2210c9e8bf69ad9f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 09 Dec 2019 16:36:49 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8932d8bd-AMS
expires
Sun, 15 Dec 2019 09:50:43 GMT
RepEliot-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/07/RepEliot-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0581f82c1691f5609769e3eb035f954a476282c010ab8eb0dcfcb027bd7814e7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2019 06:29:22 GMT
server
cloudflare
age
26191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8934d8bd-AMS
expires
Wed, 25 Dec 2019 06:38:27 GMT
lekaj-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/lekaj-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dbe2327bbebc2ab4680a7f53b6f1f3fdcc9f4f6004e2d9c50448edd5a8d770

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 07:08:05 GMT
server
cloudflare
age
24398
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8936d8bd-AMS
expires
Wed, 25 Dec 2019 07:08:20 GMT
Filipinet-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Filipinet-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1f01bc144c12d1f8204f0b7f7715d4c070a02f8e2dbd6ca34676c4d65704ae

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 08:06:38 GMT
server
cloudflare
age
20851
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8937d8bd-AMS
expires
Wed, 25 Dec 2019 08:07:27 GMT
LDK-1-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/LDK-1-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2f678ff48fa5a51868bcfb0b20cd85cc92c28b058ca898864cbbc44b840398

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 08:19:14 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8939d8bd-AMS
expires
Sun, 15 Dec 2019 10:11:10 GMT
79484093_1488571597978796_7645317515190468608_n-780x439-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/79484093_1488571597978796_7645317515190468608_n-780x439-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
539a42037e10bb866363687a7aec31af4d8831e0b778facb7d98ac66bed33855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 09:02:02 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d893dd8bd-AMS
expires
Sun, 15 Dec 2019 09:02:41 GMT
ibrahim-berisha-profesor-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/ibrahim-berisha-profesor-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
84960d15f2639637207abe7d6e2e8e7e05077bb1dbd093446be5671081a0a7fc

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 09:56:30 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8940d8bd-AMS
expires
Sun, 15 Dec 2019 09:57:28 GMT
lm-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/lm-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a5111cf229fe689606efc0f1c31bce044a2a9d780f284ef27139ef0f663988e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Dec 2019 19:15:22 GMT
server
cloudflare
age
252212
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8941d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:26 GMT
5-4-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/5-4-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e269c969f75a4e211b5af1b663d2a9860b05821225682c487265aecc5a1c99

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 04 Dec 2019 17:05:27 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8943d8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
RTX6ICA0-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/RTX6ICA0-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e38d5baec7a46875c27ea055abcfd057b7949dc8f95944ee10093fd8bc0abed

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 13:53:52 GMT
server
cloudflare
age
12
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8944d8bd-AMS
expires
Wed, 25 Dec 2019 13:54:46 GMT
milan-sassuolo_a72bb17-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/milan-sassuolo_a72bb17-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5723108fe1583d6812bf943dcddd5d94bc0235a47f76cbd6121d7ce21bd068f6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 13:27:49 GMT
server
cloudflare
age
1
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8946d8bd-AMS
expires
Sun, 15 Dec 2019 13:28:11 GMT
GettyImages-1066530524-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/GettyImages-1066530524-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b249050c3964416cff2650eec9679d6e0a3ae824c143862abf2953a8fe87b73

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 13:16:46 GMT
server
cloudflare
age
1
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8948d8bd-AMS
expires
Sun, 15 Dec 2019 13:16:56 GMT
1054637892.jpg.0-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/1054637892.jpg.0-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f002bf319686f9b8f63fdf5bf2e248d8795b776c20d18a0b1d2ad358139b476

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 13:06:28 GMT
server
cloudflare
age
2895
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d894ad8bd-AMS
expires
Wed, 25 Dec 2019 13:06:43 GMT
roze.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/roze.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90d0cded9720b6d4c487472776555df0db4914ba5bb91fead64cc826bc2d854

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:22 GMT
server
cloudflare
age
252211
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d894cd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:27 GMT
e5yya-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/e5yya-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b067a11d46a729e2a980a01c3beff8029cf238e85094f778422c8d6ee2f088

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 12:42:34 GMT
server
cloudflare
age
4313
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d894fd8bd-AMS
expires
Wed, 25 Dec 2019 12:43:05 GMT
hero-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/hero-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
94867734c0e322b1f7640385a0c9480d08f7f8365f741a6ce7c006a1f3c1dcb1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 12:16:03 GMT
server
cloudflare
age
5907
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8954d8bd-AMS
expires
Wed, 25 Dec 2019 12:16:31 GMT
Screenshot_1-50-576x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Screenshot_1-50-576x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f894672225f1ff3807d9cab0bb994e1adeb681357278b3d3270edeb856a20762

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 11:50:25 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8956d8bd-AMS
expires
Sun, 15 Dec 2019 11:50:38 GMT
ermali-1-602x405-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/ermali-1-602x405-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e90e9bf44a8a1ca91a713ed5045d8e4cbebc5cbec27f17db8a3f33603a06e3c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 11:19:00 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8959d8bd-AMS
expires
Sun, 15 Dec 2019 11:19:11 GMT
Six-Impossible-Things-2019-12-15T101333.880-1-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Six-Impossible-Things-2019-12-15T101333.880-1-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
660a216f0345779f00503fb6e1a05da2e3c6a04849679e23f0c4208cdda08d5d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Dec 2019 09:30:49 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d895bd8bd-AMS
expires
Sun, 15 Dec 2019 09:31:16 GMT
lina_1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/lina_1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c52a71e3004087e0443455ef7e43a5066e9c675a2a808666186b4f032ed776c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 09:26:20 GMT
server
cloudflare
age
16069
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d895dd8bd-AMS
expires
Wed, 25 Dec 2019 09:27:09 GMT
al-2-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/al-2-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56dbad93fd7a5c1ed7c9a0e008f8104224184948ede10c0a848ce683e9084749

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 20:12:19 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d895ed8bd-AMS
expires
Sun, 15 Dec 2019 05:35:39 GMT
kivi-600x356.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/kivi-600x356.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bd1a23bfcbbd17f401984ec1a3d8d199e8fdc47faafd39fef641960f27f153

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2019 17:01:30 GMT
server
cloudflare
age
71844
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d895fd8bd-AMS
expires
Tue, 24 Dec 2019 17:57:34 GMT
auto-13gjemb1576246999-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/auto-13gjemb1576246999-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4c4de3d1d8d00b461709fe367b96b152eaeceeb77321de3aa20a8b406dafb5

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 09:58:59 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8964d8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
Akulli-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Akulli-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f6beccc2ddcba87273ee8e80a95769bcfa4a2f30a983aed883308a49855ec52

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sat, 14 Dec 2019 09:15:26 GMT
server
cloudflare
age
103093
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8966d8bd-AMS
expires
Tue, 24 Dec 2019 09:16:45 GMT
qorape-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/qorape-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
134b7f01e8d87365eab9206a86dcb7cc1aac7c567dea7a217b1cf155781f516f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sat, 14 Dec 2019 07:01:13 GMT
server
cloudflare
age
111169
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8968d8bd-AMS
expires
Tue, 24 Dec 2019 07:02:09 GMT
ace-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/ace-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26cec93e93993c9f6058fe892253f13b132f7512e38c7b2c1a5bbcab671eee68

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 21:08:17 GMT
server
cloudflare
age
146739
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8969d8bd-AMS
expires
Mon, 23 Dec 2019 21:09:19 GMT
agnesa-1-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/agnesa-1-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfdb343d596c692008643e1e6aaaffdbcf7459c28b0a90bf808bb1d2ff397f4a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Dec 2019 19:20:40 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d896cd8bd-AMS
expires
Sun, 15 Dec 2019 05:34:35 GMT
after-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/after-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c340778f90af340b469a37d06a82535bd031fd4fdb859a20f08a6f42450585

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 22:09:55 GMT
server
cloudflare
age
227223
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d896dd8bd-AMS
expires
Sun, 22 Dec 2019 22:47:55 GMT
ct-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/ct-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0297128952e1e2330b6bf9e54c0f3f59636d201ae74f5f16a111d443fbcf488

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 19:50:00 GMT
server
cloudflare
age
237009
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d896ed8bd-AMS
expires
Sun, 22 Dec 2019 20:04:49 GMT
wonder-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		346 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/wonder-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23b3a59a2ae93d0c056d8afd86634e7e1c533ab327af276a9ce9641dc454937

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 21:22:15 GMT
server
cloudflare
age
252210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8971d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:28 GMT
Foto-DW-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Foto-DW-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3547576e270ff501dd51c006eff7e00acd1043f2a2885391e73175af840d2446

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 10:24:30 GMT
server
cloudflare
age
252210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8972d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:28 GMT
tofo-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/tofo-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e560ad05008507998e37a102517bcb869cb974f6bcaa447c0013e21a02c16226

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Dec 2019 23:27:07 GMT
server
cloudflare
age
252210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8976d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:28 GMT
PINTTT-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/PINTTT-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ef2980e22c4470655bbe8ca28a3d4f88b444d79e63d976e2eed5861b0f774d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Dec 2019 10:49:32 GMT
server
cloudflare
age
252210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8979d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:28 GMT
fakesociety.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/fakesociety.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7a79a3453c3971051b8a9feec214a4eb62f95e39f9c1e33b7303b771ea5f16

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 10:27:40 GMT
server
cloudflare
age
185226
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d897dd8bd-AMS
expires
Mon, 23 Dec 2019 10:27:52 GMT
imer-muhskolaj-oped-express-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/11/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/11/imer-muhskolaj-oped-express-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eacf5708cb0d805548812723b2ef364b1385d36a078274aef15c0847735fa8c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 28 Nov 2019 10:00:14 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d897ed8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
Baton-Haxhiu-633x330-600x330.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/Baton-Haxhiu-633x330-600x330.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aaed74f833357815a814fc9ae78936406b1b5794b381eccde0158977e756117

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 27 Apr 2019 18:07:21 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d897fd8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
kurio-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/kurio-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1150565ceb8e330e6453bd8a8fb24bf2a3c26bb4737e55b317c5976e57e4d569

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Dec 2019 08:39:20 GMT
server
cloudflare
age
18910
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8983d8bd-AMS
expires
Wed, 25 Dec 2019 08:39:48 GMT
640-0-5cd190461737e-640x373-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/640-0-5cd190461737e-640x373-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4632a3c4f47affda813ad7e742e28b6c72f02a05d4dfdd691615066e7ccb453

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 06:14:43 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8984d8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
Horoskopi-1-650x358-600x358-1-600x358.jpg
www.gazetaexpress.com/wp-content/uploads/2019/03/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/03/Horoskopi-1-650x358-600x358-1-600x358.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98635555ea57caf63d9c28a18386dd76d0243bd443eca464ac44d19f33372119

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2019 15:03:11 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8986d8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4881
date
Sun, 15 Dec 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 15 Dec 2019 14:33:37 GMT
hjhj-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/hjhj-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb36c4701f9bc1bae7cdc78cea3b2b01cc939efe9b6712568e2b4adcc64d2e8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 05:45:15 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8988d8bd-AMS
expires
Sun, 15 Dec 2019 05:45:41 GMT
vjedhja.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/vjedhja.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2750d10901a2cbe6573cf62b9487f38744868dfea3cbbae20fe0d07f41895518

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 21:14:30 GMT
server
cloudflare
age
146423
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d898ad8bd-AMS
expires
Mon, 23 Dec 2019 21:14:35 GMT
thellesia-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/thellesia-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1140ea74da6758a4807ed0cc9c61b3d58e1bb97b7ea35aa6cba8ba5df2b9a9fb

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 21:24:49 GMT
server
cloudflare
age
145771
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d898bd8bd-AMS
expires
Mon, 23 Dec 2019 21:25:27 GMT
epremte-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/epremte-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ded5339e7df5c71a1bcd6a0297580d436eb8e87cc969499db186d6185692d6f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 21:22:45 GMT
server
cloudflare
age
145884
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d898ed8bd-AMS
expires
Mon, 23 Dec 2019 21:23:34 GMT
vrima-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/vrima-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7094dd4cc3aa7fd1f4058963bc44e5824c7274f2b0d834d9c4c2a43961cd07d8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 22:34:49 GMT
server
cloudflare
age
227223
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8991d8bd-AMS
expires
Sun, 22 Dec 2019 22:47:55 GMT
veza-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/veza-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7837f78e467a95e02d38524ccf385817de42e3174838364e0e299e0f035718

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 21:40:39 GMT
server
cloudflare
age
252208
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8993d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:30 GMT
maska-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/maska-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c18764df3f630910a3cd5989e975ca89e2e3b7c91dbf3d61120a74e09b30dd

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Dec 2019 23:47:50 GMT
server
cloudflare
age
252208
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8996d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:30 GMT
mumie-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/mumie-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09df77701be4f66e6b0d88eace3249d3ac565d21a250ba22e1ab29e6c637eacd

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Dec 2019 22:56:57 GMT
server
cloudflare
age
252207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d8998d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:31 GMT
logo-footer.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo-footer.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8fb7a8194728b9c16058a207355d712d9dc78ed439465322f5357e6acf30fd

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:19 GMT
server
cloudflare
age
252207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d899bd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:31 GMT
shkabajLogo.png
www.gazetaexpress.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/shkabajLogo.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
342773fa0d89481ec7521bd4994beaa6145a54c1b35a1c4f3033bdec36dcd01a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Dec 2014 10:39:40 GMT
server
cloudflare
age
252207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d89a1d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:31 GMT
chevron-top.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/chevron-top.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77392f8766632c2c7384609a5a5b7f759c4d5dad0e9d60e54fe7da82e5a51394

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:16 GMT
server
cloudflare
age
252206
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5458e99d89a3d8bd-AMS
content-length
1274
expires
Sun, 22 Dec 2019 15:51:32 GMT
mpp-frontend.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-polished
origSize=331
x-cache-status
HIT
status
200
last-modified
Wed, 04 Sep 2019 23:49:11 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
5458e99c3c7dd8bd-AMS
expires
Sat, 14 Dec 2019 14:08:47 GMT
jquery.fancybox.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/jquery.fancybox.min.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cea969acd75c4a1d1fd3950c397486ed14625d27777d70a205a8286cae0f3f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:29 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99c9d9ad8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
bootstrap.bundle.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/js/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/js/bootstrap.bundle.min.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:42 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99cce25d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
jquery.bxslider.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/jquery.bxslider.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af75344a3c58703523ea517239fb2e61d94e90e3824a5751a873723103e2905

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
250424
cf-polished
origSize=65388
status
200
last-modified
Thu, 07 Feb 2019 17:34:33 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
5458e99cde69d8bd-AMS
expires
Sun, 22 Dec 2019 16:21:14 GMT
scripts.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		872 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/scripts.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfc8660b7bc66e1df0b0d8c7e1b09c83362acfc3d92a0d5bef8179e7878ef61

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
age
252219
cf-polished
origSize=1235
status
200
last-modified
Thu, 07 Feb 2019 15:01:36 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
5458e99cfed6d8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
underscore.min.js
www.gazetaexpress.com/wp-includes/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2019 23:51:09 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d0efad8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
facets.min.js
www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.8.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Feb 2019 13:02:49 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d2f5cd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
wpFeatherlight.pkgd.min.js
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
age
252218
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d3fabd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:20 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/ 		1 KB
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.2.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Dec 2018 14:46:21 GMT
server
cloudflare
age
250424
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99d788bd8bd-AMS
expires
Sun, 22 Dec 2019 16:21:14 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:54:58 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-113.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 05 Oct 2019 16:34:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
6124832
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
Connection
keep-alive
X-Amz-Cf-Id
7XAG_0xNL25JlvLWPLKHysPlRQ6in9iMJm9TKrNDecoPadh7WCpXiA==
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:54:58 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:54:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
cygnus
as-sec.casalemedia.com/ 		25 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=304397&v=7.2&r=%7B%22id%22%3A%221959c7fe46488de%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2220e835342f26df3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2221557e37c9194ac%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%2222cde4c4e15f336%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2223dbf20e86d163a%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%222422ad3e6977fe6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22255f09374cacf6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2226e2886d3e58b5b%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%22279ca38a42451d9%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22304397%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b44db2cd43dc336ef5685e4085e7871c3c3b9702fff15cdca60700321524516

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:54:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Sun, 15 Dec 2019 13:54:58 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		927 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
9ee8b6d130930d5bd915ed36174ece5d79c9fe8c2587533628036d855f253a77
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 15 Dec 2019 13:55:00 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
81d75ff5-3832-4567-aafc-1e65cdd59cbf
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1576418098809&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 15 Dec 2019 13:54:59 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
cdb
bidder.criteo.com/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=21&wv=2.37.0-pre&cb=79928733309
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:54:58 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ 		47 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.37.0-pre
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
adffd5a2eae80b37cc6d91326eedd531f055ee1f6945ac8b1c820e035c6403d0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 15 Dec 2019 13:54:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
header-bg.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		159 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/header-bg.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7385bfde4c121c81486ba15fd68e6d02058b8dde2853b57c79d4088d53aed62b

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:17 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5458e99db9e9d8bd-AMS
content-length
159
expires
Sun, 22 Dec 2019 15:51:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 04:42:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
2193125
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13324
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:42:53 GMT
search.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/search.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
430eeed0076e4b943d324406f5402477e3878768474537eec934106d356b7161

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:28:08 GMT
server
cloudflare
age
252219
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99dca2bd8bd-AMS
expires
Sun, 22 Dec 2019 15:51:19 GMT
intersbc-webfont.woff
www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/intersbc-webfont.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c2e469b3e2f8f23eed0b99557538e8ef7d9d1e636e45b027b9d888e75acf4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:54:58 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
strict-transport-security
max-age=63072000; includeSubdomains
content-length
22996
pragma
public
last-modified
Thu, 07 Feb 2019 15:01:40 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5458e99dfae8d8bd-AMS
expires
Sun, 15 Dec 2019 13:54:19 GMT
sdk.js
connect.facebook.net/en_GB/ 		197 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=0ece2ed6e2cc3184717f134abb599e0f&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5ed775143132adb14be20c77bf270e7a2e53fc579b4be12f4e9ec60cd35a29f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TtoEeCPeEKquX2fLHGqFBw==
status
200
date
Sun, 15 Dec 2019 13:54:58 GMT
expires
Mon, 14 Dec 2020 12:39:46 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
60122
x-fb-debug
HhuDclOn1B3AKeZsONpnwFeU1JTXn/KYmS3yvvP/cfL7a1Tnwg29wRyMPSDR1tQ5XEggkh7ojiv6Dncd0sH/Tw==
x-fb-trip-id
420120009
x-fb-content-md5
a5bf08816003a49778ff19f30b7254f6
etag
"7061fcc81b26da300aef0d1088f6ef1a"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Sat, 14 Dec 2019 11:57:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:17 GMT
server
sffe
age
93470
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12976
x-xss-protection
0
expires
Sun, 13 Dec 2020 11:57:08 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1739626592&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shq...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_gid=1963582079.1576418099&gjid=1415215082&_v=j79&z=1093338573
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_v=j79&z=1093338573
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_v=j79&z=1093338573&slf_rd=1&random=3425747818
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_v=j79&z=1093338573&slf_rd=1&random=3425747818
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:54:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1187998644&_v=j79&z=1093338573&slf_rd=1&random=3425747818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1739626592&t=event&_s=2&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABB~&jid=&gjid=&cid=579362629.1576418099&tid=UA-6427330-1&_gid=1963582079.1576418099&z=1507937332
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 17:46:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2059702
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
t7-live
video.gjirafa.com/embed/ Frame F475 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/embed/t7-live
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.156 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

:method
GET
:authority
video.gjirafa.com
:scheme
https
:path
/embed/t7-live
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Sun, 15 Dec 2019 13:55:00 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d430da87cf7244563ee9ffb91e9e94a711576418100; expires=Tue, 14-Jan-20 13:55:00 GMT; path=/; domain=.gjirafa.com; HttpOnly; Secure ASP.NET_SessionId=b24xewmuprezvxvv1wbgk2mb; path=/; HttpOnly _mgTraffic=B; domain=video.gjirafa.com; expires=Sun, 15-Mar-2020 21:55:00 GMT; path=/ __gjci=c3027e45f87148bc9d826d63a73347d6; domain=.gjirafa.com; expires=Sat, 15-Dec-2029 22:55:00 GMT; path=/ gjs=ovh.gra2.win.web.14; path=/
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-frame-options
AllowAll
x-aspnet-version
4.0.30319
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5458e9a57e40725d-AMS
content-encoding
br
Screenshot_3-51-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/Screenshot_3-51-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d207a477226b283dc07dc414dba49f80224469ca61b349983c270cc59c47430

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:59 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 22 Apr 2019 07:45:20 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99ead13d8bd-AMS
expires
Sun, 15 Dec 2019 05:40:03 GMT
Screenshot_2-57-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		244 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/Screenshot_2-57-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
800d4734297ec32dc9a83deb683d2bf9086d919167e30c68e49baa1bcf044bba

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:54:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 14 Dec 2019 00:13:09 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e99ead1bd8bd-AMS
expires
Sun, 15 Dec 2019 05:05:28 GMT
projectagora.min.js
projectagoralibs.com/libs/ 		348 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/projectagora.min.js
Requested by
Host: twpasol.com
URL: https://twpasol.com/c/gazetaexpress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6d7c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b1316506f253761b949033f2a53c52a08446c8487230e7451bd3b166e4be88

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2131
status
200
content-type
application/javascript
content-length
99943
x-amz-id-2
eJDiBB/G87Npfm6vMFRAlv5fsZGoBwLKkYtXDR3TW54XrTdfXAfpjIl2nrHrTdalvfCx58JbmS0=
last-modified
Thu, 12 Dec 2019 11:18:35 GMT
server
cloudflare
etag
"e6f20f5a62eea62b623a8d01951ac806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
21AFB65E37875D96
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5458e99f1b53cbbc-VIE
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&time=1576418099065&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gazetaexpress.com%2F&random_number=8956160754&sess_cookie=ff7f282d16f09d73f787cfd560e&sess_cookie_flag=1&user_cookie=ff7f282d16f09d73f787cfd560e&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.3 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-3.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 15:07:16 GMT
Via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified
20110117123941
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
58020
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
ol7mhfPN1ywkVFy62P7ovvja1D39TnHw3qVVoUZuPs12fQqny_qykA==
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Fri, 22 Nov 2019 03:57:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:07 GMT
server
sffe
age
2023035
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13108
x-xss-protection
0
expires
Sat, 21 Nov 2020 03:57:44 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame E598 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=0ece2ed6e2cc3184717f134abb599e0f&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 12 Dec 2020 20:25:12 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
+638eJcygtikoSQarKeNbErcK3pwmjCsei7SA7I/TmvGpTNPxfKP38OFBZu+Ik1vXpZlKjJDgajA7RH4bXcrsA==
content-length
12347
x-fb-trip-id
420120009
date
Sun, 15 Dec 2019 13:54:59 GMT
alt-svc
h3-24=":443"; ma=3600
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=211121436486198&ev=fb_page_view&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1576418099102&sw=1600&sh=1200
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 13:54:59 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Thu, 21 Nov 2019 23:30:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:06 GMT
server
sffe
age
2039070
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13008
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:30:29 GMT
quant.js
secure.quantserve.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.184 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:54:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15-Dec-2019 13:54:59 GMT
Server
QS
ETag
M0-56c8c653
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Sun, 22 Dec 2019 13:54:59 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f9e5a670cac6d8e4725a3fb6144238805de4a31119564d64011e82db42b7832e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
peLuNQLlm/kPAWQMWN0cxQ==
status
200
date
Sun, 15 Dec 2019 13:54:59 GMT
expires
Sun, 15 Dec 2019 14:09:32 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
2118
x-fb-debug
nppwSdefsTgmozK9xNk3f5n0/ddpAXHw2tfWddJ8bHoopB7HpnBvmm+frNLz+L8Bl49cHBXzc4fs3AA/biusiA==
x-fb-trip-id
420120009
x-fb-content-md5
a2e2b217857ac76509f236276c72b500
etag
"7a0ae6aeb45a11e5d2efc36e971004ca"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
aRyG7B4sMoNFCasV/QgvaTE3oIlQMt6k3eTqUvHM71oUIMK4NvNzD/fvzoO0Bc6PziLaUB9lrqT0G3OoIEGMzA==
x-fb-trip-id
420120009
date
Sun, 15 Dec 2019 13:54:59 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
cmp_shim.js
d2zv5rkii46miq.cloudfront.net/0/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zv5rkii46miq.cloudfront.net/0/latest/cmp_shim.js
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7000:17:5578:e080:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:28:22 GMT
content-encoding
gzip
last-modified
Fri, 06 Sep 2019 15:33:38 GMT
server
AmazonS3
age
4573
etag
"1de86d90311bcd5ee000f2f732b294a9"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
1698
via
1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-amz-cf-id
KiTC7cnk2GPGJDQSJ1VQOR8WuWfIEi3eyRKHAoXHGqhxwGj83TAapA==
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025887620575&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1576418099270&cd[value]=0.01&cd[currency]=EUR
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 13:54:59 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025887912175&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1576418099270&cd[value]=0.01&cd[currency]=EUR
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 13:54:59 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		712 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a8ef85ad07a0398c750954f03e38de5a51e4d47057637eeb95a05b2a5ede09c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
content-encoding
gzip
last-modified
Wed, 04 Dec 2019 13:30:36 GMT
x-amz-request-id
01DDE22772742DD8
etag
"490a48ca6b8303692a75fc325de7d320"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=600
x-bucket
9
accept-ranges
bytes
content-length
189050
x-amz-id-2
SoV3BnbU94BuMnka9n0hHDRRG+mO24raXDWyrPerXAtSzKPHxMD+JT3/+sN6Q4b/Qoi+ZwRi6Ww=
expires
Sun, 15 Dec 2019 14:04:59 GMT
672076466251367
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/672076466251367?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9a43da37e3657dee8b2824752a921ae0a9caec2d2bbc5326927661fb46531952
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
bkrpf2ZWTcucK1YMhh/1yDlqElT+S8VAQmHlpOCikgAXtoPm8I0VdWJSgYST6K7qiTm/vz60IrB9nXG8efOc1Q==
x-fb-trip-id
420120009
date
Sun, 15 Dec 2019 13:54:59 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-Z2HwmmFSucHCB.js
rules.quantcount.com/ 		3 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:06 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
56
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Miss from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
6HvrDSqtqY0ot6SDG1vCpqWE9ssZSH-rasB0wFnTZ52mG90Oo4W-6Q==
messaging.js
projectagoralibs.com/libs/ 		332 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/messaging.js
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6d7c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb6166839b19271e4d3b9eb148b11e513260e259d2011a8cb971f2d75700235

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1774
status
200
x-amz-request-id
D552124AFD455D84
x-amz-id-2
KVeMsPv5+aTPfcl4p6LqLrG/sUPfDJw0H5FEurZjiNZgzNmN/Ypi8f3a2YzZaN29Fm5KKpQWRJA=
last-modified
Thu, 31 Oct 2019 13:21:13 GMT
server
cloudflare
etag
W/"d293487c37e2c443ac1b80d26a9688d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5458e9a09f66cbbc-VIE
x-amz-meta-s3b-last-modified
20190924T080405Z
get_site_data
message909.gazetaexpress.com/ 		19 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message909.gazetaexpress.com/get_site_data?account_id=909&href=https%3A%2F%2Fwww.gazetaexpress.com%2F&requestUUID=1117b5a1-68f3-4017-8956-bcf9f0acfc05-1576418099346
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-131-208.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
a980ae1b3e8754977e50b84ebc09eb799da90354f48d055caf339f28fe443c36

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
x-sp-mms-node
mms-aws.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
max-age=2592000
access-control-allow-credentials
true
;ord=1576418099351
ad.doubleclick.net/ddm/ad/pupxnz/enedveeko/khqsdfix/oxomcsttbc/yavems/ 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/ad/pupxnz/enedveeko/khqsdfix/oxomcsttbc/yavems/;ord=1576418099351?
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:54:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bcn
www.summerhamster.com/ 		43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.summerhamster.com/bcn?fe=1576418099389&y=2.0.1195&elg=179398641&flg=909&x=zzz.jdchwdhasuhvv.frp%2F&vqwo=1&deo=0&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0&requestUUID=1117b5a1-68f3-4017-8956-bcf9f0acfc05-1576418099346
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.160.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-160-140.eu-central-1.compute.amazonaws.com
Software
Jetty(9.2.10.v20150310) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 15 Dec 2019 13:54:59 GMT
server
Jetty(9.2.10.v20150310)
access-control-allow-origin
*
content-length
43
access-control-allow-methods
*
content-type
image/gif
wigo-no-slot
sync.teads.tv/ Frame 2B3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/wigo-no-slot
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=926eba96-efb1-4650-ace5-d16c076e198e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
325
expires
Sun, 15 Dec 2019 13:54:59 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 15 Dec 2019 13:54:59 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1576418099450&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1576418099450&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1576418099450&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=98601962&cs_ucfr=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:54:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1576418099450&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=98601962&cs_ucfr=1
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:54:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&ts=1576418099447&pageId=76285&pid=82609&env=js-web&pfid=[pfid]&f=1&fv=172
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 15 Dec 2019 13:54:59 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sun, 15 Dec 2019 13:54:59 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&ts=1576418099447&pageId=76285&pid=82609&env=js-web&pfid=[pfid]&f=1&slot=native&fv=172
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 15 Dec 2019 13:54:59 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sun, 15 Dec 2019 13:54:59 GMT
1520317101345890
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1520317101345890?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d96ada6fa35f3ddd720360a91619e18562a6f102fc287570e76691207beda03e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114920
x-xss-protection
0
pragma
public
x-fb-debug
NWb/0qiycUa2dUQZor9nOPjJ94aojHPsWSoUMUrU0RwFH0x2LFgxbia9hBfCSNmXnxwC8x8a5lITCTr6rk39VQ==
x-fb-trip-id
420120009
date
Sun, 15 Dec 2019 13:54:59 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=672076466251367&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1576418099491&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576418099489.1158936633&it=1576418099278&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 13:54:59 GMT
get_loaders
message909.gazetaexpress.com/mms/ 		571 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message909.gazetaexpress.com/mms/get_loaders?href=https%3A%2F%2Fwww.gazetaexpress.com%2F&account_id=909&requestUUID=1117b5a1-68f3-4017-8956-bcf9f0acfc05-1576418099346
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-131-208.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
f837969465caa758ffac43a98621d29f06efd58ab96129bd16562ef341bf86d0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
x-sp-mms-node
mms-azd.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
max-age=10800
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1520317101345890&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1576418099524&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576418099489.1158936633&it=1576418099278&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 13:54:59 GMT
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.103.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-103-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:54:59 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
logic
sourcepoint.mgr.consensu.org/consent/v2/4923/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/4923/logic?withSiteActions=true&consentUUID=[CONSENT_UUID]&euconsent=[EUCONSENT]&mmsDomain=message909.gazetaexpress.com&hasConsentData&consentedToAny&rejectedAny&consentedToAll&shortCircuitDetection&requestUUID=1117b5a1-68f3-4017-8956-bcf9f0acfc05-1576418099346
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.103.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-103-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
176d3c8b71aa537fbcef7e96c86e907cca78a7cfcb1dd4be723741697dc070db

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
1273
/
www.facebook.com/tr/ 		0
52 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarygwzMuBVhp0q2xRnM

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://www.gazetaexpress.com
date
Sun, 15 Dec 2019 13:54:59 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		0
53 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarybiL6SX60KnNLzFOm

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://www.gazetaexpress.com
date
Sun, 15 Dec 2019 13:55:00 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
zEdgFLmS1KEqh3E97FSr7ApmmuAejs6VEPNPuj9PqGD1wX3pKSpRIzSaVcgG6WSwA88JKoZXRASK7yTa5OdtaZhUt3PKbS92hbUIExkUn6H6O0M7pJQjVFilFhn3OsIQ9ayR9WJQ3VKSq4oNd3jBQe9cNgHlGQmhvKc8boqNq7ds4MpSBZMInR6z2fmxDTMWnO6SQ...
aj1431.online/ 		579 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zEdgFLmS1KEqh3E97FSr7ApmmuAejs6VEPNPuj9PqGD1wX3pKSpRIzSaVcgG6WSwA88JKoZXRASK7yTa5OdtaZhUt3PKbS92hbUIExkUn6H6O0M7pJQjVFilFhn3OsIQ9ayR9WJQ3VKSq4oNd3jBQe9cNgHlGQmhvKc8boqNq7ds4MpSBZMInR6z2fmxDTMWnO6SQrGSyywJCq-fuVpY9A-h8GG8IyKadnxSr0ONfgoGRaLc1QnAkxJTnABP5PCpNuJvDS884mIZxjuARe4sBc6VJ9X5EPMlmJFeO6oeGuiGPG_nCH5vMgP1la7Fu6-WcraoLD9DlTCBJ9jWduoQqsrnT2ZubdSFyOnMOMVCjGZvadNmBhxfZASGoklV9RynIHPWMFXu64r5XNdDev9m160mfpznBsuCm4jFChRkKpnvNHo0zUX1p4spGMOA57LFaY0ecRTwK1gg4zMBHZYDG7K4JprAo7nVpTcM1VaQd5gKL7ldvSdcqdBo25cKyzEU?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
d9303f268458366f6c38986aff8a48e56e5f12e8784bb7561a9e09d4e4b98f94

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:54:59 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
579
Expires
0
zi5hfjLjAnafjOOoMSwJevFWkc5sBAYkvpgA_G00xg_ywfAimZoBVv8K3byieXu3nZ22UO-i_9bgscoY-vzJkpwKyiG33w08mJxYmcouXZIJsqxG0yErXjrSRP8cbgJS57hIKNvSQFG8LYSsy0hX7RPaqloSL9DL-TiHc95O8XyxdHt9rWHkXeltAQyBJTB8v-c0D...
aj1431.online/ 		579 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zi5hfjLjAnafjOOoMSwJevFWkc5sBAYkvpgA_G00xg_ywfAimZoBVv8K3byieXu3nZ22UO-i_9bgscoY-vzJkpwKyiG33w08mJxYmcouXZIJsqxG0yErXjrSRP8cbgJS57hIKNvSQFG8LYSsy0hX7RPaqloSL9DL-TiHc95O8XyxdHt9rWHkXeltAQyBJTB8v-c0DbnM88gG1unYQ-EUtbiklyHIDe4ObmvvoTt3yByY8yrlZVyfy67lpDr4sZhaHUciZUYKz1td47o9s3Lnx78Wej52bO-UD8hHar5JnqZa4Lhp4ugjzS3pYvC00TadCFJmkzy5BSJF94dwlCVsezAGaIGOle0uxPMpo4OzSJGdiMCxj-9i_v6Fa950U1msjmXvwk0tMV8-5VRfaKL90--oMaJ7OE1EnmZQPP3DG-MQd2UciWAaWAWBlk4hwgwXRRh-m2RgwaOI5IjpSaesNhZr9qhwrL0KVr1k72ZtXdvvpOqTiAl-FIUo1tcPnm08?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2d25858af8d997ee529a50dde2a8e1d3279e3eef3f2aba43a6b9c8eff06836e6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
579
Expires
0
zOZXRPz_7yU2SGqe38_lYoqRoKDt9nIoUjPKZy20ncTg1Zoy1XTHaAxTnPVWABIGugFKv5S0mjBI7TEaYFjkW4CuhJ0KIzTH5IbYdCPykeKhgRX-pOSlm-FEeLR6G-_WczwXUXYyNdhejIJeN8DE0J-z1c1TMChpJ8SxRz2z2Yi8iEZJzdVnUGbgIXXj9TVzz9HXK...
aj1431.online/ 		553 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zOZXRPz_7yU2SGqe38_lYoqRoKDt9nIoUjPKZy20ncTg1Zoy1XTHaAxTnPVWABIGugFKv5S0mjBI7TEaYFjkW4CuhJ0KIzTH5IbYdCPykeKhgRX-pOSlm-FEeLR6G-_WczwXUXYyNdhejIJeN8DE0J-z1c1TMChpJ8SxRz2z2Yi8iEZJzdVnUGbgIXXj9TVzz9HXKcBg60VlIEo68bdyBnf32A4OK53cd6f3kOhFC0htcKMH6Ni0oC9K9SbwTpSoO2VFp74LpB2bofKF3aB60yvd-ci7J5EDGe39mONPTTvSAo_9Jf4puqiXzLef5FzSO0ANrkufO5ifnMCsfZaS73EpLG2pmgFym9dVNsIm8tBh8OmNmmqbCvtPWj7RB5dgt9taoTkexKR0YKC8picIWbXZWHzJPc_LTcQh87qL1rQchNmu195qNYaKQKoFqrRbRTYbMw3qnT41hHLQYcSIKd_mwcOJ61U35ltMe4TSd5Ft8XuPF2_v4JUUytsK0zRI?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
15d352e47cf7ece9aac753d94f1f6e8b4f91577062d5aa96b85e7a6154788947

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
553
Expires
0
zv8YMmfxwmPhzyhjQ9-FNKNN4INICQjQ-I1kZ_wVtOL7psmNRTsOhrG26_BD1OHB4GEjcHqbj0c855MvvpWrCwWKISVN1IH7TKBhIpU8slDet4oJwhTjc2rjCitXboK1HN7jJ7ltQkzN72zRA3JJanx465gyZoQgiJy-TIotVgRIJZ96mGLlYcGj_my8bmfaKvA9f...
aj1431.online/ 		567 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zv8YMmfxwmPhzyhjQ9-FNKNN4INICQjQ-I1kZ_wVtOL7psmNRTsOhrG26_BD1OHB4GEjcHqbj0c855MvvpWrCwWKISVN1IH7TKBhIpU8slDet4oJwhTjc2rjCitXboK1HN7jJ7ltQkzN72zRA3JJanx465gyZoQgiJy-TIotVgRIJZ96mGLlYcGj_my8bmfaKvA9fBJji2GY2j-6hqfu7nccHO9ltt3uENOqqksiyhUTYl24NMv0mWXUdpZMGiFYqNWe8jL2whhBPgwwQcNRYf7gApr37kOfccw3S9TAIWepPEjlG5bJSHIOu5AQ6DuV9rl894CdbyhP5lIgc3edRbMJV5Ocg5PcZZdnTe6xJ9JsTxkZgtM79i_xdPHI2we3MTjQ5ejdEZX-WLgoMe0XjZQtNHMlr-ZvCJYgbwvlHCsfiUYBpCp-0HUnuXLhQAlJfDpdzTTplEzAkH8h538BkILXYretlpPP96Jz5b7wpDHFl6XQbLAaqdEhhs8DomkE?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
f013217923d9d8b35bfbee4b54f4f85a7d256390ba4e17428f09b9e46bbb098f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
567
Expires
0
zfC8Ed5zrGu-CVI_17LtbEBFLxP7ds5qrq0ONBNKCT0zen_y2TYixrEgczft3Nfr08H8r_0akNlcB05mVuGY8mx7lmBnmPRHyTnBvYBsTuj8NUnp5lxL_LLMNyGFlK2PNaagL-_KqezS-0oBCsTCrtACHZ_GP_9xdxPiZ6AS-QWrt7EIE7iEGxf7j36v2lDQT1yon...
aj1431.online/ 		984 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zfC8Ed5zrGu-CVI_17LtbEBFLxP7ds5qrq0ONBNKCT0zen_y2TYixrEgczft3Nfr08H8r_0akNlcB05mVuGY8mx7lmBnmPRHyTnBvYBsTuj8NUnp5lxL_LLMNyGFlK2PNaagL-_KqezS-0oBCsTCrtACHZ_GP_9xdxPiZ6AS-QWrt7EIE7iEGxf7j36v2lDQT1yonEzaZlvrl5ylsDT9rUMUzxL_KmzXipQ_nBK4RkRacUZEDoFeJwKlTGJcefpH7S9yF3SOnZ49m7wU6jJFSit4htwpipuT5uJouDdj9EVvRtG4CIQZt9znrNqvPKUZcbvmaDrDUrfcLhYIm7lM6rGn_TF_P0BzN87Ie9zNcp9GMv7eykNBlreJdL0YO6LFqp0clml4RUWuB4X102rK5VB3quE6zU0X4YxIDWy-JBakdeRLei9GJCR5GFF511iTfKfQWXEeB37r1sa9sDF1Z1bcPEW9XYB2OcLtl53lTEzVZgaJ9T4QBchk35cLmwEE?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f15124162112c62292d0989f5a73c1163b3ae8ce0020b93fb843e263910c36f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
984
Expires
0
zTVrnB588l-cg9YLvZa_Jo3wa3FUPsGsJwNEFK5Fx2eGYoBhS2VUkqAzfvcMhBQD-3K8LmwwYtclItEhI-DL8eztnQZhG4p1LdR-Dct8hU4oyX2mGas7k2wyMCGcXCRiFne0O1uun6OfiFFV1LhN_WMoLrrp0KOVxquURrnGwTpJ-e-8y5_p8C7kO5Bg2EuyLJT3i...
aj1431.online/ 		954 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zTVrnB588l-cg9YLvZa_Jo3wa3FUPsGsJwNEFK5Fx2eGYoBhS2VUkqAzfvcMhBQD-3K8LmwwYtclItEhI-DL8eztnQZhG4p1LdR-Dct8hU4oyX2mGas7k2wyMCGcXCRiFne0O1uun6OfiFFV1LhN_WMoLrrp0KOVxquURrnGwTpJ-e-8y5_p8C7kO5Bg2EuyLJT3i5KCbMxAPCO95ybyU0GmRo380nKWFGZuchbHXfBaZlm_d801EquTShDsPpEuoe46LTsEPA-iuZ-ooP1ndRiLqORITI3EY1oE5gbZ6VCtfkyFUEtvsHgUKH7ANcqmhvdt46QkKyHQc1MwVkQdOY6LggUEI0T9ykXmj8DrVCS6OfR9Wdh7bxM8wAY_q9jnTcrbHx8yl39j_N_7mNG663rfjdLxhGmd6b0NjzysQXnqrqI7uPYtIdjUCdbmvCvMrzWGQjq2zHEA0EMO8IrdlKp6OZMxza2-hYCF58ZJ94Yxc8Crqv-sYdE81vs7gwBc?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
dc0695cb13e42eb5d3a52290ce5ae539cc72c36f4ffcd4c57ca774742c27a058

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
954
Expires
0
zC9XX-tU9zWJBS1cXv1DSR2dRGfDGusNOxlMF76kz9Uin1BBJl0qY5EdRqpkk_mjXaFgv5q7VqfJL2jPT33A4Q2ly7Ln-DjIdLOBX_3UD_x1zRqeGqaeuWwJpSfbD6TWwOf5pNrOUl0TlahyqiloGV2uzLHQqyvxmk7ICxRd2riqocz5BFiEbK32PjX0uq1YkmI5S...
aj1431.online/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zC9XX-tU9zWJBS1cXv1DSR2dRGfDGusNOxlMF76kz9Uin1BBJl0qY5EdRqpkk_mjXaFgv5q7VqfJL2jPT33A4Q2ly7Ln-DjIdLOBX_3UD_x1zRqeGqaeuWwJpSfbD6TWwOf5pNrOUl0TlahyqiloGV2uzLHQqyvxmk7ICxRd2riqocz5BFiEbK32PjX0uq1YkmI5SDzloe27yYE2bVOzwibhxZttFjnpj2RakLhLM2sGZ4sQHH6lyqP1QcEDjnCbyydQtMtd_ianlck68bJHiOGbeJ-xXd8uMmPXE7HrKvJpwVw-n5zAap-9-bcWlQ2SwjYgtxbA9ypEdALn6ShxFzui0ddxmh_wwT6bCMd-6sQD-PERR_3-G3aL5NR_3ZxNEgjGRolrtt1HOlEwyxrPFLIE5aGpCHKSjztbiuAkUBWSTkG-fHBztMraEQNTWBHX4J2ph5FVmTAEctZdZaaOhnr_3-_ymmbXm4QsLf-rSXDcyHIlk_X4Wdxo3vsDjyEc?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
b037adf24e4303524216ff2b7ca83b60c32d776e41439367d1508eb32946c2b1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
958
Expires
0
zzNJw4_4MmU6rMbt5LjIu-25aJgIai6B0y4sJ30nFxj5cBelMe7q1XCOXbK2YRyRys_OEPEO84JWz5LScU4Z_tvZ4OXy1qSE18g3ASBUNSk02FpxQsPApvno7b0hF5U3X3F5PxZZAhIGnssQLZhCw8sYFrYeJZ7793ZQ8yUT_p1KQSv4jbCs3A8HjWteVsFZdSytF...
aj1431.online/ 		570 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zzNJw4_4MmU6rMbt5LjIu-25aJgIai6B0y4sJ30nFxj5cBelMe7q1XCOXbK2YRyRys_OEPEO84JWz5LScU4Z_tvZ4OXy1qSE18g3ASBUNSk02FpxQsPApvno7b0hF5U3X3F5PxZZAhIGnssQLZhCw8sYFrYeJZ7793ZQ8yUT_p1KQSv4jbCs3A8HjWteVsFZdSytFSt0CKKYnnKrgzX0Ek2vy2EDZ0bdIUDJs9S3oMubCsIo_KL-7G2Kkb0lu10vUOFtQApOl-q1OomODRg57BhVQ6CxEH9pZKT8TCauBmHgWyrcjBrFCwJ6O9ZGavieIMA8Q7tkfe_g0H5vEi6OFw9FdBhNbop6MXAVBVDNKCC_m2PZpe2SFUxgEovgFfYorNxBj_hRygqzFM0DUMllEEt9SgSI3rIk79by1CPSQuz8HUN1xfR05FYmZnYahJZwjhUnXAchPgIkqtho5CtH11F9SwO8MSLSme1txdUqQkVYcOOFiOhy2f0lhssTiwRQ?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
d199de8e1b89861eb7e50b576c292321b023b1faae1d7598255a99d20d63b067

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
570
Expires
0
zMKv7PdBVxe5tMfqG8Jp1H4hL0-KNo9VKOYnAiLejaMMDFW3NAYyLpDeoCw9mrhySxLIj3FVhlLurxMf92aKNisQfEhoMmOjJr_G1Gpm7TcKj9QdW-09OiSssn-AcBV5YLvWAQeWcsAssqowgsTf2LqG5XHifX94r7hDv6zrMML3wv6jMVZ1MmQFCqisaW2TEsCMI...
aj1431.online/ 		960 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zMKv7PdBVxe5tMfqG8Jp1H4hL0-KNo9VKOYnAiLejaMMDFW3NAYyLpDeoCw9mrhySxLIj3FVhlLurxMf92aKNisQfEhoMmOjJr_G1Gpm7TcKj9QdW-09OiSssn-AcBV5YLvWAQeWcsAssqowgsTf2LqG5XHifX94r7hDv6zrMML3wv6jMVZ1MmQFCqisaW2TEsCMIjRTIftNS2FdnIo-S9IlMTojPtRNx5KXn_HloMJ6XVkK8e7A0TOPiEFCyh7SHFQrsq-xPQvfZG_WBIKvOCmpE87pJ8sSh_2RqoQ9fxSRafvgIZX3zxoraDq7K_77aaj9Uc2C3ZSJgbd7PfqG0kQIbJp1mb7Yz97scxIhzwUoN2_cmB18VdylNWBX9WHSkzh0rJFPe0Dd18FhoPjTWAG59lBCc0NHFT_HizKSpx4_VVGQGFjqwVKa479zard9ocSKYXGIiOW6Mln1mmU0PXwlN2LbqFHGnnr8mqyrGA_rUL5BL26yjfkw6ssDkm0U?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
d8c77081c4f577611af87b47e1c22b123cee863c8a0fbf12c9f1ca7b9d65860c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
960
Expires
0
zPVNvorYH25wrS_vHOh6BCHbriZqGOcuzEKXjYEKY4OKUP5-pG31fwGz-vFpGvwu2vH7KLZhmZPgx3XJrmuh8OhrPYM_Z8pMLIlf3RudDGY_6Ly6ZtIvboEFsig5vsEir6ubvpXqO6bqCXpW7S0uZdFBfjwmY06_zMs8SRK_diQkvi5vPTzNxlw41kXQua7gljvnm...
aj1431.online/ 		565 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zPVNvorYH25wrS_vHOh6BCHbriZqGOcuzEKXjYEKY4OKUP5-pG31fwGz-vFpGvwu2vH7KLZhmZPgx3XJrmuh8OhrPYM_Z8pMLIlf3RudDGY_6Ly6ZtIvboEFsig5vsEir6ubvpXqO6bqCXpW7S0uZdFBfjwmY06_zMs8SRK_diQkvi5vPTzNxlw41kXQua7gljvnmw-oJCZv2yS2MEi4fLlhrv8vkLH6crcxCS-V-8G5XVD52aFk5SwfrBERjnMtU3cbm4bEjwA_d3SnkZBmPblXV97B5xC5_clfn7mg0pY9d5biShJzUVhsJb9TedaPu3DOErswpyeJDAnsvEZuOmL6KLebpDn8tNGMJb4Xv6qyzNCdvDAvYvaujC3Dde30m7g84wT48OnYLUQpd3pn99_8rSEUmHsGX6GJuRcxKgfXEYbY1JPOz7eeZO1zJ_oQvcCSF9uDrmC6BqzNmIB091YctLyH-KNzihc-fziX4O9KKFfFdCiyMfk5i4pfpyxA?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
dbbf84fd94f31f25ff44a7bbd7aaca1a977b7b212e0f33e3ef51d2e365873281

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
565
Expires
0
zlCVw_AJoyfApmiehlikYXck3Wokmfm_Z1CoX0EoaUitxdk4YRwPACjmmek_tAyZZ6kXM_w5UrdanVO7a0IAdb3N_usNBQz6NSamImblwXWNTlMSqm9ctBzjmjh7Fhp2H1pa1aK1GmIuPncVrYHTVmH_mlwMLOT8ujugotPCpwzC4e5Rqqs-POt-vvbq51_gRg1Mh...
aj1431.online/ 		572 B
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zlCVw_AJoyfApmiehlikYXck3Wokmfm_Z1CoX0EoaUitxdk4YRwPACjmmek_tAyZZ6kXM_w5UrdanVO7a0IAdb3N_usNBQz6NSamImblwXWNTlMSqm9ctBzjmjh7Fhp2H1pa1aK1GmIuPncVrYHTVmH_mlwMLOT8ujugotPCpwzC4e5Rqqs-POt-vvbq51_gRg1Mh3s4e2B_OBir0z4Qb_XN8nz1r0jc8znGHO8usqHBAn9BK9uEJSWns0Ed-JKklwgK_7-GQb31AZy6H7yDzEzJOYZ37D8vxsSEpzEa_s6Sqgq36OBpYUcLOF0QFkpIplFdkmxn8zfyN8WUwFXzcE-CJ9XdDZBpN0i6JpvTjif2QhNobi22HPBpm647OWzTPef7mVKoRmS9zVa7jGQWLlbDzGjReaivatxMz5ayHah-oyweiPKyUg3UbMiMT7rbgq-9YCMFby34v9l5-tR8N7Hx0q6cXCu6FZSu1rYUPn428T-0kwn1dByRLN-PF48hD?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
9214ca832b0d95c3bdf05d53654bbc1bb5b9d1eff8f95e2f2e4d4c52f143abb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
572
Expires
0
z5cLs33RghlBUfiVileqHMB0FQdjuJQyKkgA_CgnyuyFdfWQ2On8jZbqHQKQynAxsh8lWFAMu9JJLp_qFcqJhdxl3DWm4NRtWWtvAWyYc24pF8bR-RJtd4tWxiWqBwCxuIo83HsvlNAXiLanOYLjchHFIoYq0lGaD8WIjQlGo3LRlNdEWUi7jvl9oZl-r84eJPGjt...
aj1431.online/ 		959 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/z5cLs33RghlBUfiVileqHMB0FQdjuJQyKkgA_CgnyuyFdfWQ2On8jZbqHQKQynAxsh8lWFAMu9JJLp_qFcqJhdxl3DWm4NRtWWtvAWyYc24pF8bR-RJtd4tWxiWqBwCxuIo83HsvlNAXiLanOYLjchHFIoYq0lGaD8WIjQlGo3LRlNdEWUi7jvl9oZl-r84eJPGjtu9Q7dZCOFbXAo3obKlkDa4sT-88n3fvG3O2dCPhW4mcBmft6dleP1csOM-M-s-3sqBbji55EEP7BEO8qWEeGpYvVePb4eg6vbNudGW417Mqgr5J0VK18XISNSMHPUE_NVKjkBqmBRnQT5uvwdTxl1biOU-IIcO2bNRXrt6wNWdnhfBpESzYNn5eFT-ZC_48YehUZ1u3JzJqcNMlDqvM0duIl5b1om2ciWpoFB3ocf3lwiDRmuJ2wS3sBXICOBnWeNwVHfw_Cy83zSxOg960SagPw14nGNzuptYQAZz8qcBtiOTA7LSYdO7HF4clE?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
9268ec26ea38d7dfdfdde2c12c230578251e2d9176bf36dfe1dc8253cf2662c9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
959
Expires
0
zQ_aXfSw3zB84I3yhoidwU_nuiAEWeoYI43vo-IR51MDGnKPnAWd9GblxEqCvLBcd7bxYfCyaOtyEt7NbhpbEFKRFen1nhYyAbH9MYMBLqK0_Mjs8tIbnHZuNO1UGjiapRZrRfZ9d176i3wb4jwjGxSpTuNhJyc6rVe_rof64W98Xb7IDMvQdfjjXR24FLlZOVGvu...
aj1431.online/ 		554 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zQ_aXfSw3zB84I3yhoidwU_nuiAEWeoYI43vo-IR51MDGnKPnAWd9GblxEqCvLBcd7bxYfCyaOtyEt7NbhpbEFKRFen1nhYyAbH9MYMBLqK0_Mjs8tIbnHZuNO1UGjiapRZrRfZ9d176i3wb4jwjGxSpTuNhJyc6rVe_rof64W98Xb7IDMvQdfjjXR24FLlZOVGvuDWdXtqC2hvNah84NejaapjJhy78UqFQtUwtV_G0ado2Egb9bW2781vfPtJ67NRyggBI3NNscpWtZi7h38Bj8v6XEJR8R0UZYrAaJq_q0wGCdhQjFQyV-_3lXYRBSx7EdRO4_xWzajK-tLSQqlB-YKcU_Kpzb2rg5AndI6zsOZ4Z2ehWMI0bqXj_ii5GHawed02wflV-0u2Pebowkumeuw1B_Ey3nPPnV3vQRbZ3hyHNAsaaAyrC33rAk6Jd1s7qZFRfi7KwoTT-hO-GFkDeYFz06DKodB3sB6DuQjqfK8PMLc0TYcBo3s5PmzRQ?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
a1c03b90229ebfb007eb21e8aa0d8a9ed17754f7eebc287baf3150b9d4db588f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
554
Expires
0
znspPs6drFB7bO2M8HteyT5uUpfYMKykBYAnPI_ou58WQfl0tF18cRC0a50Mqv4LEwDsE4H3Y846xQWsJ3PzLqfC1n-HkBRn_g064ULrMWfbqP9aKx7a9VYNhka57u_0lV9tSnn2IrtwPTKtM6xWH2fZno2Q1j8GIb-J6-WPD2YvESHsC-W9qcnyzCiCetlmK_MXw...
aj1431.online/ 		942 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/znspPs6drFB7bO2M8HteyT5uUpfYMKykBYAnPI_ou58WQfl0tF18cRC0a50Mqv4LEwDsE4H3Y846xQWsJ3PzLqfC1n-HkBRn_g064ULrMWfbqP9aKx7a9VYNhka57u_0lV9tSnn2IrtwPTKtM6xWH2fZno2Q1j8GIb-J6-WPD2YvESHsC-W9qcnyzCiCetlmK_MXw_Mg7Uzcf7ZMt5n20wEpYBxstBjOd8zmZI6u_aPi2MK0pdtqnsTqefF8u9X--qeVwSg0gPay5_LkPU0qLiaph4jII4CCZkZB-mU3LhNSfaZFa-kZMSzo_k7kvU7ip8Uo8Tvp_4dVBV3Fv3Dn3JOGsO3Q2wSt1_BNEGgZH4c8_yq3aJAyDRWROyMKK4d9fxnon6boBbI7rrF5065P4YHPJ_rEYt4Ym0vzibjsY9NBlw8nw87_BQVhIfOQm6mW7jhnNoPMXwVepVKtU_QTXqfam-Safb84u0a_icL3SMPzudMGV_MWcTHFPZ7TH5c5P?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
8763f32863dc56f566a14c486f7c4f64aa494d41b1f19672c8b029170e062500

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
942
Expires
0
zPHfoqiugB_Fs0MOdBYrvGaKMMs5E0rHEd8fETbfvKLpJ4vlWx5gNOg8rhF09EtG5sTeDTZ3iFCiIwkTDiPNjaI9zsIiPw0ZjKxIQ3Tt6IlS9yOpDaLLY9ZuuTsEMheKD8pEfBTPXz3ZPfQGeI3nUHZKp87BelKMOLWT8XySCTrEAkqdFtq4aa5vKesaF5-uBpNbz...
aj1431.online/ Frame 8575 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zPHfoqiugB_Fs0MOdBYrvGaKMMs5E0rHEd8fETbfvKLpJ4vlWx5gNOg8rhF09EtG5sTeDTZ3iFCiIwkTDiPNjaI9zsIiPw0ZjKxIQ3Tt6IlS9yOpDaLLY9ZuuTsEMheKD8pEfBTPXz3ZPfQGeI3nUHZKp87BelKMOLWT8XySCTrEAkqdFtq4aa5vKesaF5-uBpNbz0sJ0PflwyYFvdr7jNXmyDA4DPLY26QZSqX-ykXk5yjq9IoM0Zz5HxCw7zh8XGJahfpRsky_70tDNyc1LS0Ap0xxfUQw4HPqZJLN1MuDXDcyFALCyV2KsJIOf9etnqs7lziWyWXCeY5vmjQ?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zQrp5IzbscUBfbi67hWd7SOqUAR4-Jn-P8RqVByU2heLTAQ73OkJtEQM4SizSirI-IxK6oAiP552Jc9r9MI34Zo9p4B4lu3LlA1GMr65udYlzBkBC7MQmn1pR9doZtjqRLI29LevfXLQYVKZyEfCxGfkzacV7wGXV7tUlg8YXUtnvNleYm1lns4-uqKqTBMzs_1Zx...
aj1431.online/ Frame D6A8 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zQrp5IzbscUBfbi67hWd7SOqUAR4-Jn-P8RqVByU2heLTAQ73OkJtEQM4SizSirI-IxK6oAiP552Jc9r9MI34Zo9p4B4lu3LlA1GMr65udYlzBkBC7MQmn1pR9doZtjqRLI29LevfXLQYVKZyEfCxGfkzacV7wGXV7tUlg8YXUtnvNleYm1lns4-uqKqTBMzs_1ZxZPu3fzBtMr26uU_x0Ad6hO8TmOV_HLMvgcsoyL4nDc1qv0ww5XIKNURNCvgu3QzF602JRVO6hvn8TKvripyjTNBomlYTxo3oX1T3XIBjVj6ENm-EkEj9C2KUUDs_X2bu_brgmlx8nRPBXA?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zs2oYYavANioK0K0RVhwlQTvkVg72aEpuiLmyjUoGZVOuZAmmmpl1YXO9clKyncgzuN568hzipJvvDs1UdXK5t_lKm2W1qEzbbcxxe6CD6DnMnvsgMBpfjvdG6xDvu11IVX97L6Etcv7N_ku7FKWryhRpFn-Bsc1BUEFawjszHM1Oi9Y0lHB8-JUYEEVervj2Bq6q...
aj1431.online/ Frame 7BC4 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zs2oYYavANioK0K0RVhwlQTvkVg72aEpuiLmyjUoGZVOuZAmmmpl1YXO9clKyncgzuN568hzipJvvDs1UdXK5t_lKm2W1qEzbbcxxe6CD6DnMnvsgMBpfjvdG6xDvu11IVX97L6Etcv7N_ku7FKWryhRpFn-Bsc1BUEFawjszHM1Oi9Y0lHB8-JUYEEVervj2Bq6q-vuLytxqftrhGsG5YJdkAciATm4E3WMgQ3bh7TfErQekJkY0x6bTdo0DzjWPbdG8hYaB8pZemn28vEdmveolZc0a2JPYecDdOmTvL65JKGNuDkWJqm9DRcNLo_tg9GdbK7RLJHLGy8U1yw?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zSMHVdpWpR-H6BZiZlC6oZA_u6F_veYZhWNqwGn1_-e4HoMRjx-YeEWIi3ZQVNBUsrRCKC3PVZc3maTBojLyl57c71H1ip8yC7gvZm0tmcbBqq37oN7XszhyURDBJ7neZV0ZaVyaOQcwKk-yVcmnniijTuAel7iQHEqnAKaNcmgkMzbSBC1v4Jmhw0z407-5KOBIh...
aj1431.online/ 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zSMHVdpWpR-H6BZiZlC6oZA_u6F_veYZhWNqwGn1_-e4HoMRjx-YeEWIi3ZQVNBUsrRCKC3PVZc3maTBojLyl57c71H1ip8yC7gvZm0tmcbBqq37oN7XszhyURDBJ7neZV0ZaVyaOQcwKk-yVcmnniijTuAel7iQHEqnAKaNcmgkMzbSBC1v4Jmhw0z407-5KOBIhS5fpTrIGlD-SUyEM1chEaGvlL24hql3fRVvLse0BA67FE9u2JF3yH6PbUWcZTibVAspgulIgbyshqtX5Av35ck5MZ870uLBBhUf17C9E2ju2zczKQwiMAqO3Q9goZj-CajWZF8NfHsu2nIk?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame EE95 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.108.236 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
ab6d4abbd32a564713ddbfd930ba8d7799d52e7011b6db0a7a8aea15d3ba7699

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
via
1.1 google
content-type
application/javascript
status
200
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
clear
expires
-1
zluA67eJiT9t7HHQmb2CDtDd8A8vDtwiibY32zF3XjSOWI030fiV9y4rNqJtl1jl5Ki86-94PFvPSIJQV-sgX4pXXddBEz77U5QSE4pGyvYRO2uCMnLaUGG1Zs1-riicNN89mAFejW-HQwJN29GWHaIDOKJNeGOAwf8fsxnFKp9gXa47Ef_W0DlWxqLPwRlQQ51iI...
aj1431.online/ Frame EE95 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zluA67eJiT9t7HHQmb2CDtDd8A8vDtwiibY32zF3XjSOWI030fiV9y4rNqJtl1jl5Ki86-94PFvPSIJQV-sgX4pXXddBEz77U5QSE4pGyvYRO2uCMnLaUGG1Zs1-riicNN89mAFejW-HQwJN29GWHaIDOKJNeGOAwf8fsxnFKp9gXa47Ef_W0DlWxqLPwRlQQ51iIBpW_Y-rCVgjiFMNxrd2MBbKUzIOi5dTOd9ctG8u9t0qqeDx3NtY4gLD48F32qovJ6mJ3ZRzck2pbBO0VgfmxemDn4AScfOabjIrGAnN2jJej-2R7N1tBCyKQe7Kn6UbCI5hR6mzi92XwQ11tDZU13QQapPSZAIg22DUTSQo?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:20 GMT
ETag
W/"43-1569577220000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 3920 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5043
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.108.236 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e75c15c8b76b0fb78051afcb56b417e0207722683763ec212aef01af5eb48225

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
via
1.1 google
content-type
application/javascript
status
200
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
clear
expires
-1
z_R0L7vP6dJjFSb0AWYagZPt2RtZkU7fdcGaL_6WEmXsY_OoSIij9qL4WT7JZ-3hnK1shavZNpLdbX0nWr9Q0k7SDf86PjqqPA8zB6erMQ6UVquz1D9jcizKgxPzHPKjVjj5MlUC9c93UNDImU4KlUt2dX9ZIuULg_oSOljqMFa5XJ5Hpsn7ikB1MsNYV8H3zJe40...
aj1431.online/ Frame 3920 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z_R0L7vP6dJjFSb0AWYagZPt2RtZkU7fdcGaL_6WEmXsY_OoSIij9qL4WT7JZ-3hnK1shavZNpLdbX0nWr9Q0k7SDf86PjqqPA8zB6erMQ6UVquz1D9jcizKgxPzHPKjVjj5MlUC9c93UNDImU4KlUt2dX9ZIuULg_oSOljqMFa5XJ5Hpsn7ikB1MsNYV8H3zJe40QH3oK2hMA79KpN7QEk58zZiNyDLXs0FZsDQPyiwGGM_AsU8k0R1TNmDuEwkSxUrA7TrcLegPDJIO71ZjD0Ua4K1T6XDZld3MfC93APsZUBGSvweAcfbsDx91McGp3TW6VvnB68EZuCUkC60uxdvV9k7JiIGPPWnu5TnCoA?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:20 GMT
ETag
W/"43-1569577220000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame DD0C 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.108.236 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
ab6d4abbd32a564713ddbfd930ba8d7799d52e7011b6db0a7a8aea15d3ba7699

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
via
1.1 google
content-type
application/javascript
status
200
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
clear
expires
-1
zmGDqXG_rSviE0AkEOVDl4xwWIv9f9Pa9_Xnt14ualqE0miz2vnBO9dQkkmBQL40qa0-f1SIV4pQgylMFiCBhNRNrwdYJI0uS2_86rq2Sa6WCY3bymi-6vQe9S6V0f2IFBmHBVOJO0WCWc496QRaVHF3ocLYEJq_ZHzm5EW_2QAKPcrzjy_2LbnUphk0uCfonsQAi...
aj1431.online/ Frame DD0C 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zmGDqXG_rSviE0AkEOVDl4xwWIv9f9Pa9_Xnt14ualqE0miz2vnBO9dQkkmBQL40qa0-f1SIV4pQgylMFiCBhNRNrwdYJI0uS2_86rq2Sa6WCY3bymi-6vQe9S6V0f2IFBmHBVOJO0WCWc496QRaVHF3ocLYEJq_ZHzm5EW_2QAKPcrzjy_2LbnUphk0uCfonsQAixmC9I07Y9C_RVU1SU3PkMCNX2Pf6eXQiOMI0G7WDd4JYViFfEasj38CO-Z28O4vY8lW8Wz0QWrpMhy7aoMsQ9GZPImTHm4I6bbiUkbqsEbmWd5tNfyL7sHiSMbedl5oOlc60zcKg9QsJaf2w6Mpg5O5fgxLzAVcSB6sKX8M?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:00 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:20 GMT
ETag
W/"43-1569577220000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
projectagora.net/libs/prebid_2.41_test/ Frame EE95 		260 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid_2.41_test/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:26:34 GMT
server
cloudflare
age
6593
etag
W/"fb341ecceef215a2dbb81faa79c1195b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e9acfe8abef1-FRA
x-amz-request-id
CD14BE3B5617317C
x-amz-id-2
x9NgVgMCcYRI9Xy67XiW1pPmSI5Xx8T5pEPKa5ata+zFq42dL40vjWt+mzrF/3PznBRG4IIj0Ao=
zA8GQhEFwkFCagpNs2aikb7BKG1_KVRvPCftZuDRXaozxo7mApJI6yzSmt-9kperAFGMIRA_3AUT2a6yUP-8n4Q_-RQcsdB33mWn1kO_bFOHo0fG-uippl-z8Li3yQb6YqneAkJknoqN6gMhSHKdUx24x3MXZaqrVqGU_sD9WTTu1rA9LchYtGmi2la8v2R8el2DW...
aj1431.online/ Frame C5CF 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zA8GQhEFwkFCagpNs2aikb7BKG1_KVRvPCftZuDRXaozxo7mApJI6yzSmt-9kperAFGMIRA_3AUT2a6yUP-8n4Q_-RQcsdB33mWn1kO_bFOHo0fG-uippl-z8Li3yQb6YqneAkJknoqN6gMhSHKdUx24x3MXZaqrVqGU_sD9WTTu1rA9LchYtGmi2la8v2R8el2DWUeVrE_OxHKPy1voPIBcNavi4qy65DtEdrIztN-H6YBqjsuhG2v1hWug6LBakraqTW4TTqWDdoY7j-82n7dOStof3AJz05-OLPnOwAJlxQremFxnpvx1ua3jVw6IsWIiHqfw35m_7DTtgCMM?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
projectagora.net/libs/prebid_2.41_test/ Frame 3920 		260 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid_2.41_test/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:26:34 GMT
server
cloudflare
age
6593
etag
W/"fb341ecceef215a2dbb81faa79c1195b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e9acfe8dbef1-FRA
x-amz-request-id
CD14BE3B5617317C
x-amz-id-2
x9NgVgMCcYRI9Xy67XiW1pPmSI5Xx8T5pEPKa5ata+zFq42dL40vjWt+mzrF/3PznBRG4IIj0Ao=
prebid.js
projectagora.net/libs/prebid_2.41_test/ Frame DD0C 		260 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid_2.41_test/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:26:34 GMT
server
cloudflare
age
6593
etag
W/"fb341ecceef215a2dbb81faa79c1195b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e9acfe91bef1-FRA
x-amz-request-id
CD14BE3B5617317C
x-amz-id-2
x9NgVgMCcYRI9Xy67XiW1pPmSI5Xx8T5pEPKa5ata+zFq42dL40vjWt+mzrF/3PznBRG4IIj0Ao=
/
ads.projectagoraservices.com/ Frame CD7F 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5043
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.108.236 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e75c15c8b76b0fb78051afcb56b417e0207722683763ec212aef01af5eb48225

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
via
1.1 google
content-type
application/javascript
status
200
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
clear
expires
-1
zFf-VdfVcH8vz5pSYzaVRe2z0RQSsNsLvTB4aK1TeoxI3cT3NRQ0ZdWKEiWFaAybegm5u8DLFswefPmHCwv1HAzug3c_J0w9Mbgu3ZwLP0MOtMYuqN0T7IBpbFk9i_ak35R5vyKSt2iE63OYZq4we_Qu9F6DqMszWqWOTOxbKtTL_OmunFuiCJwbcGnZhWYSjfLbq...
aj1431.online/ Frame CD7F 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zFf-VdfVcH8vz5pSYzaVRe2z0RQSsNsLvTB4aK1TeoxI3cT3NRQ0ZdWKEiWFaAybegm5u8DLFswefPmHCwv1HAzug3c_J0w9Mbgu3ZwLP0MOtMYuqN0T7IBpbFk9i_ak35R5vyKSt2iE63OYZq4we_Qu9F6DqMszWqWOTOxbKtTL_OmunFuiCJwbcGnZhWYSjfLbqwJaFyOee_E7yxQciIE1j25KX9sRjY_zxsqndBTZ_0nH_j5TojyNrYx3pFMkwSyytnJUZWsB5HauNORUtKyp236_gMrvodSZr2BdDMrzoJCfwqdJdFqC0HKnYw-lWUwNJ9EBFTWfIjv8rRzFI6g3RK_vVKPmE1UdyMkvRFg?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:20 GMT
ETag
W/"43-1569577220000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zmULkp7hDV6ivAnNDTJ84AB2HFFS5gYi8RLQ_aJ0YQPHQSYm5qz82Hv-itdVB5G2HtqV4ddmM5TvPCJ5FqVSk_HKLUEjwk083NvTLz6LoyrOS0oZY-2sd79oBSTn4WSRsqBAGsobQPTLsRkBNCNX7078LRQUBKon4_QAPdbQQvS54E6vjMTfWXYChs92D8vCFQBlR...
aj1431.online/ Frame 052F 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zmULkp7hDV6ivAnNDTJ84AB2HFFS5gYi8RLQ_aJ0YQPHQSYm5qz82Hv-itdVB5G2HtqV4ddmM5TvPCJ5FqVSk_HKLUEjwk083NvTLz6LoyrOS0oZY-2sd79oBSTn4WSRsqBAGsobQPTLsRkBNCNX7078LRQUBKon4_QAPdbQQvS54E6vjMTfWXYChs92D8vCFQBlRkx8J9DHue3RvvqsIAx2cxUvVKtmAUeoD_71bLmxIKNdL0T74dsz3rMCAHLAi0zjJxcYWcpQz0aHKimf-qxM9c-dNSAoEBDdLxeR7Vizn0nbUcbAWSt_cN5zUC5nJ7gUvn4Tw-bIaWlYqTw?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zTANkBJ4-Iri8Djqfi3AlbRLDnBfyF3Gwut5WDe-4JbDgSQT63NVtXm5ye7E6jOSx_QSRRbx0BMLZMAdrsDBRlGt9MWccpWgI79-97vRGPY7c0KHTtbOzi49pBuqH-8hIg85P56pw599A3TTBR0-Ngjryl0TmMbQe1kkBi9Y4dCgbf637vYn6G0c93O_PjZczorF0...
aj1431.online/ Frame 6E7E 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zTANkBJ4-Iri8Djqfi3AlbRLDnBfyF3Gwut5WDe-4JbDgSQT63NVtXm5ye7E6jOSx_QSRRbx0BMLZMAdrsDBRlGt9MWccpWgI79-97vRGPY7c0KHTtbOzi49pBuqH-8hIg85P56pw599A3TTBR0-Ngjryl0TmMbQe1kkBi9Y4dCgbf637vYn6G0c93O_PjZczorF0LoSAwsRdfhW8qshavA1j9BUyEsV10Dg9QENjzSDA_Tp5pNJdyST7JGxSs9Mp7PhfN-cQJztY_kEpa_UCrCa5sUYsM46ZCdXdJMA1jpmpzFzbPSDxuhNgS_kopKipty4_cwbzyswhSC3WYok?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
projectagora.net/libs/prebid_2.41_test/ Frame CD7F 		260 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid_2.41_test/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:26:34 GMT
server
cloudflare
age
6593
etag
W/"fb341ecceef215a2dbb81faa79c1195b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e9ad8f71bef1-FRA
x-amz-request-id
CD14BE3B5617317C
x-amz-id-2
x9NgVgMCcYRI9Xy67XiW1pPmSI5Xx8T5pEPKa5ata+zFq42dL40vjWt+mzrF/3PznBRG4IIj0Ao=
arj
projectagora-d.openx.net/w/1.0/ Frame EE95 		219 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=47a100b9-aab2-4117-84a4-b1f169747e61&nocache=1576418101389&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=300x250&divIds=pa-adtag-1576418101187&auid=540924443&
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
ebd3295baa9b70775c0f2c198d359668be5e246a4b295fd93ad0f4f5d222d85a

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
server
OXGW/16.171.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
200
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame EE95 		5 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTQ3YTEwMGI5LWFhYjItNDExNy04NGE0LWIxZjE2OTc0N2U2MQ%3D%3D&pt=gross&stid=b4770617-bc32-44dc-8bb4-086f54e7f9cc&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
placementbid.json
an.facebook.com/v2/ Frame EE95 		105 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.facebook.com/v2/placementbid.json?placementids[]=374302723496812_374302983496786&adformats[]=300x250&testmode=false&pageurl=https%3A%2F%2Fwww.gazetaexpress.com%2F&sdk[]=6.0.web&adapterver=1.3.0&platform=241394079772386&platver=2.41.0&cb=c26e807e-4eb9-4d53-8e2a-25ee86d3197f
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9dcb9c90c1910cc70bcd88e2743abbd913341041c69f7e9a2090af8b7cd0e3c4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-fb-an-errors
No bids
x-fb-an-request-id
1454569333110349755
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
VWXT/H6a+9dNAf/6vH6syQbfsjNdv7h/9Lae/pC4/RJp2G/24djCd0sGyjhkFGvYmCAUPgDXEG6ZpqBaTJ3DZg==
x-frame-options
DENY
date
Sun, 15 Dec 2019 13:55:01 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-expose-headers
X-FB-AN-Request-ID, X-FB-AN-Errors, X-FB-AN-Bid-Count
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
cdb
bidder.criteo.com/ Frame EE95 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.41.0&cb=9950298661
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE95 		0
0
translator
hbopenbid.pubmatic.com/ Frame EE95 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
prebid
ib.adnxs.com/ut/v3/ Frame EE95 		145 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
8a259f40e3d7b194e0786338bbbd8e6711d729168ae80d7af2e183db9627e535
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.174:80
AN-X-Request-Uuid
6f25ba9c-cd83-40df-ab88-e26a7ed74aff
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame EE95 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:02 GMT
X-SMRT-D
6%3b27%3b63
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3920 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 3920 		144 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
ed6e695d1fe3127efc9007f582467fd8a362e7f615ca18e8411aefadab5502c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.70:80
AN-X-Request-Uuid
9acf8c08-8ae6-4308-a953-8ab04e828e48
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3920 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
v1
prg.smartadserver.com/prebid/ Frame 3920 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:02 GMT
X-SMRT-D
6%3b30%3b97
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame 3920 		219 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=2526f556-a77c-48a2-921f-d39eae1a9bcb&nocache=1576418101405&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=970x250&divIds=pa-adtag-1576418101201&auid=540924442&
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
d67efaeb638d7f5a0bff6f019008ec0102c8c7ba34ae3fe9eeb632ca1ee02c51

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
server
OXGW/16.171.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
199
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 3920 		5 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPTI1MjZmNTU2LWE3N2MtNDhhMi05MjFmLWQzOWVhZTFhOWJjYg%3D%3D&pt=gross&stid=b1534f68-b769-464f-87f7-c0b95cc26e88&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame 3920 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.41.0&cb=90631508988
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:00 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame DD0C 		5 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTBmZGViZTVmLTNiNGMtNDJjYS04Y2U1LWI0NWFhNjBlOTYyZA%3D%3D&pt=gross&stid=69118a33-2ca0-4e5d-91ee-4e08605a2a70&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
translator
hbopenbid.pubmatic.com/ Frame DD0C 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
prebid
ib.adnxs.com/ut/v3/ Frame DD0C 		144 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
7744ba384fdd169842ac4850afddd2e32d1fb289da7241bb5889e8acb9132c92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid
ecddf993-fc41-481e-9088-7805e099ddc6
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame DD0C 		219 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=0fdebe5f-3b4c-42ca-8ce5-b45aa60e962d&nocache=1576418101457&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=300x250&divIds=pa-adtag-1576418101257&auid=540924443&
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
18c28e133e2a5ebb12ca61e98ffe8643e3a15d8fef7bedf704b454bf7b3190f2

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
server
OXGW/16.171.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
200
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
placementbid.json
an.facebook.com/v2/ Frame DD0C 		105 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.facebook.com/v2/placementbid.json?placementids[]=374302723496812_374302983496786&adformats[]=300x250&testmode=false&pageurl=https%3A%2F%2Fwww.gazetaexpress.com%2F&sdk[]=6.0.web&adapterver=1.3.0&platform=241394079772386&platver=2.41.0&cb=293409e0-849a-4ac4-baa5-748ec26ac1e0
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6db799c25ea48d2d12f5428250d46418d4aa73ee89ae1c5ff60079a47c21ff51
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-fb-an-errors
No bids
x-fb-an-request-id
1171522491652037159
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
pjYO4H15czI0IOnQsQ9MCwxKQwgD4yj+yUY95xrEEQM0G0HQWrDsEqMifLHlIJ4Zu0GPPa244HjtRP5GX0FuMw==
x-frame-options
DENY
date
Sun, 15 Dec 2019 13:55:01 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-expose-headers
X-FB-AN-Request-ID, X-FB-AN-Errors, X-FB-AN-Bid-Count
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame DD0C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:02 GMT
X-SMRT-D
6%3b0%3b63
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
cdb
bidder.criteo.com/ Frame DD0C 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.41.0&cb=96115674176
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DD0C 		0
0
/
ads.projectagoraservices.com/ Frame C5E6 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4360
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.108.236 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
c1ceb2b66a719b3e746ccdd19e28c7dc970c0e500dee336d9f6f8b45a9df7c27

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
via
1.1 google
content-type
application/javascript
status
200
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
clear
expires
-1
zHlRjQ5x5sM9Z4brf1qVrG7mBtA7VL27sbhYk8LnkwEU00L1XNsE2WKW16eSBIeX5WSKYhZYiXOFGiAzSRt64Z6GPIrbtvaw23qyyPHukuCi4ndlPQFGiyegZOJwJgFFOwRMxwlY33bO67uvhNq4gfPm0SjM0TfHlnCRJ_bH_Q8dfDEIEqwxcTLMAMe-Yyi9cBL3Z...
aj1431.online/ Frame C5E6 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zHlRjQ5x5sM9Z4brf1qVrG7mBtA7VL27sbhYk8LnkwEU00L1XNsE2WKW16eSBIeX5WSKYhZYiXOFGiAzSRt64Z6GPIrbtvaw23qyyPHukuCi4ndlPQFGiyegZOJwJgFFOwRMxwlY33bO67uvhNq4gfPm0SjM0TfHlnCRJ_bH_Q8dfDEIEqwxcTLMAMe-Yyi9cBL3ZznWF6Hr3OwpUuNoEZedKKI-D1FV1MVnjB72oQXPXAo8GN97OmulA0qysIXk4osQNfepSBWmg8vLfsozlwVlzolkg6MhsiYsgw5f0rZbtuk78gCG-z4-Gt-dV7TtKMRFBBmOMerLpsSaoxu8N8zkcmgVgtDVnRprFpgNDNQ?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:20 GMT
ETag
W/"43-1569577220000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame CD7F 		218 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=42606eaa-0246-474f-8715-8644deaebfbd&nocache=1576418101487&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=970x250&divIds=pa-adtag-1576418101365&auid=540924442&
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
7b06c1ecd7edb03c586c7f68b5f6db6872fdc46d7ba5658989354cce06a81388

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
server
OXGW/16.171.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
199
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame CD7F 		144 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
d886d5ebc82702a59b77b8e06327f4b1b6933fee42b3309d3821ba39f2db6ddc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid
e083a361-7752-4d6c-8cc6-62a3bd32e07a
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CD7F 		5 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPTQyNjA2ZWFhLTAyNDYtNDc0Zi04NzE1LTg2NDRkZWFlYmZiZA%3D%3D&pt=gross&stid=882aa1f5-6e4d-45d8-8e6f-828029aae55b&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame CD7F 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.41.0&cb=63426443974
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:00 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CD7F 		0
0
translator
hbopenbid.pubmatic.com/ Frame CD7F 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
v1
prg.smartadserver.com/prebid/ Frame CD7F 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:02 GMT
X-SMRT-D
6%3b23%3b65
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
zF9jSHzKzKpXnjO2I0zHg47ixRzro_rKhTLFLBKnpSWhDrg6C6K-MQJWbqxPbX-BbEbhMhusLudAy8kOXsBIb2HHyaCAobY5naOFcjMjrRsKS9e-i8-cBEoqEAfogDb2yxyTB1fbsoygqcWfVQVP0ZLXBySgEoNj_UGwvi3A8ENUjxJ6gsTl8C-vZfPUN7CHJGzKN...
aj1431.online/ Frame 11D3 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zF9jSHzKzKpXnjO2I0zHg47ixRzro_rKhTLFLBKnpSWhDrg6C6K-MQJWbqxPbX-BbEbhMhusLudAy8kOXsBIb2HHyaCAobY5naOFcjMjrRsKS9e-i8-cBEoqEAfogDb2yxyTB1fbsoygqcWfVQVP0ZLXBySgEoNj_UGwvi3A8ENUjxJ6gsTl8C-vZfPUN7CHJGzKNizGZQnx7sMMZ4fPBhUxqmnN_e43TjmpOjDME4sOqjDmzsEIZ0Rba233_hpiv4vWCvJr-GqMQfaZn4LOQ0Swgr0J_D0sCkt33nRQXmU1eIiCcnVl5S3KB3alm_mylDq4wV2z5RsRGzVKLwnM?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:18 GMT
ETag
W/"49-1569577218000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame B448 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5043
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.108.236 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e75c15c8b76b0fb78051afcb56b417e0207722683763ec212aef01af5eb48225

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
via
1.1 google
content-type
application/javascript
status
200
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
clear
expires
-1
zlqTMYicF6FJnmVrB71sq7NoWFc7nbFwJ47DCC4fB3dKZ-3zaofqquNT26jN922Qz5sF0yOVXahDFr-lKscB_hQ_V5fG4CwOzeY-PevTt-N2tDfxOx-mFJRxy5k2qMTUfKXZZQ2bejD34mW_mbpZy3Aipc9pqDsoJ1PRFJhXnR0MUpGxo4zI_Q2_SNyhpSVU1TJMj...
aj1431.online/ Frame B448 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zlqTMYicF6FJnmVrB71sq7NoWFc7nbFwJ47DCC4fB3dKZ-3zaofqquNT26jN922Qz5sF0yOVXahDFr-lKscB_hQ_V5fG4CwOzeY-PevTt-N2tDfxOx-mFJRxy5k2qMTUfKXZZQ2bejD34mW_mbpZy3Aipc9pqDsoJ1PRFJhXnR0MUpGxo4zI_Q2_SNyhpSVU1TJMjJQMAoq-tR7hcG1ZW6880cPzdUVmXc5cEINrIlgjhWlMRiEw5P5gVQNZrVz-wz6lVFRZChkcxsjH6-JlL3JpujyyneIuesrXbK_sQSXNspqz-gzDQxjrvtEBxrOObM4x7GFRiD-z10o1V4Vwt6Rv2QkHzs8LYNMglE40jbA?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:01 GMT
Last-Modified
Fri, 27 Sep 2019 09:40:20 GMT
ETag
W/"43-1569577220000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
projectagora.net/libs/prebid_2.41_test/ Frame C5E6 		260 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid_2.41_test/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:26:34 GMT
server
cloudflare
age
6593
etag
W/"fb341ecceef215a2dbb81faa79c1195b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e9aec8ffbef1-FRA
x-amz-request-id
CD14BE3B5617317C
x-amz-id-2
x9NgVgMCcYRI9Xy67XiW1pPmSI5Xx8T5pEPKa5ata+zFq42dL40vjWt+mzrF/3PznBRG4IIj0Ao=
prebid.js
projectagora.net/libs/prebid_2.41_test/ Frame B448 		260 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid_2.41_test/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:26:34 GMT
server
cloudflare
age
6593
etag
W/"fb341ecceef215a2dbb81faa79c1195b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5458e9aef947bef1-FRA
x-amz-request-id
CD14BE3B5617317C
x-amz-id-2
x9NgVgMCcYRI9Xy67XiW1pPmSI5Xx8T5pEPKa5ata+zFq42dL40vjWt+mzrF/3PznBRG4IIj0Ao=
v1
prg.smartadserver.com/prebid/ Frame C5E6 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:02 GMT
X-SMRT-D
6%3b18%3b85
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame C5E6 		219 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=34960a39-a3c7-4367-9b9f-52b556e90ba8&nocache=1576418101612&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=300x600%2C300x250&divIds=pa-adtag-1576418101558&auid=540924444&
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
d03423bbdb532af967e60a2097a72adc0f0d0a4628a49bdd1fa5ec5822a880b8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
server
OXGW/16.171.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
200
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C5E6 		144 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
20e3218d335987d99a750555e15a4b459f2bca9ba43677109a2c80fcb1ac6ee7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
7a8eed63-342e-422d-8da1-7c5e3816c289
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame C5E6 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.41.0&cb=28761831821
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame C5E6 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
/
adx.adform.net/adx/ Frame C5E6 		5 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0NiZ0cmFuc2FjdGlvbklkPTM0OTYwYTM5LWEzYzctNDM2Ny05YjlmLTUyYjU1NmU5MGJhOA%3D%3D&pt=gross&stid=6c41c2b5-1dfb-44c6-9103-af6d02ecb950&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C5E6 		0
0
placementbid.json
an.facebook.com/v2/ Frame C5E6 		105 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.facebook.com/v2/placementbid.json?placementids[]=374302723496812_404099237183827&adformats[]=300x250&testmode=false&pageurl=https%3A%2F%2Fwww.gazetaexpress.com%2F&sdk[]=6.0.web&adapterver=1.3.0&platform=241394079772386&platver=2.41.0&cb=e6cc3054-1199-40f5-8d01-8b31186ffddd
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5f341cc02e0997801528e4da84688324e9bb1cde7db7e5e61a0e74673fb7a31c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-fb-an-errors
No bids
x-fb-an-request-id
6002374679886422633
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
V3hX/Nb4vdNQmm+ByLY8tp1zZ0IYnjnQnzxuvJuAjSTQclEqCEu6JqEW9nXb7UCz3iLcmoKtSQwjmSM4gpJr5w==
x-frame-options
DENY
date
Sun, 15 Dec 2019 13:55:01 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-expose-headers
X-FB-AN-Request-ID, X-FB-AN-Errors, X-FB-AN-Bid-Count
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
cdb
bidder.criteo.com/ Frame B448 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.41.0&cb=62630393138
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame B448 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 15 Dec 2019 13:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.gazetaexpress.com
prebid
ib.adnxs.com/ut/v3/ Frame B448 		143 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
a76ee56f6e6e258bf365f1150e535482ccb21eafeb291d353b046f69fb255cd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.151:80
AN-X-Request-Uuid
054b4b2f-9a73-4adf-b598-5f4b6c66abe4
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame B448 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-SMRT-D
6%3b12%3b124
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B448 		0
0
/
adx.adform.net/adx/ Frame B448 		5 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPWFjNWY3MzU0LWI0YzQtNDBjMy1iZDRiLTI4MTBkNGRlN2ZkMA%3D%3D&pt=gross&stid=3775e506-d406-42f5-b2c1-46500ea095c6&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame B448 		219 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=ac5f7354-b4c4-40c3-bd4b-2810d4de7fd0&nocache=1576418101680&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=970x250&divIds=pa-adtag-1576418101593&auid=540924442&
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
63e939d40167f0ad47dbaf0b2ce08839a3eb4a02b53b7f1c864d8b0f14c64e08

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
server
OXGW/16.171.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
200
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
graphql
s2.adxpremium.services/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6b11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
HEAD, GET, POST
status
200
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
cf-ray
5458e9b0afe2dfdb-FRA
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2911874667929850&correlator=1173364630133228&output=ldjh&impl=fifs&adsid=NT&eid=21062888&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu_parts=74207979%2Cadxp_gazetaexpress_160x600_HB%2Cadxp_gazetaexpress_300x600_HB%2Cadxp_gazetaexpress.com_160x600_right%2Cadxp_gazetaexpress_HB_728x90%2Cadxp_gazetaexpress_HB_300x250_D_1%2Cadxp_gazetaexpress_HB_300x250_D_2%2Cadxp_gazetaexpress_HB_300x250_D_3%2Cadxp_gazetaexpress_300x250_mobile_1%2Cgazetaexpress_test_hb_300x250%2Cadxp_gazetaexpress_HB_300x250_mobile_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=160x600%2C300x600%2C160x600%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1576418101&dt=1576418101847&dlt=1576418098529&idt=515&frm=20&biw=1585&bih=1200&oid=3&adxs=143%2C-9%2C1143%2C470%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=225%2C-9%2C225%2C49%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4206218631%2C3618061427%2C4027716477%2C1376028450%2C2904518949%2C3788665600%2C3852554850%2C537267373%2C1682953793%2C3692762762&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=66&icsg=262143&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600%7C0x-1%7C300x600%7C803x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=160x-1%7C0x-1%7C160x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=716195729.1576418102&ga_sid=1576418102&ga_hid=1739626592&fws=0%2C2%2C0%2C0%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
4725f77ab9ed8e0eb6281de6dea1ed189d109d22720b73ad03150406004cb857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7145
x-xss-protection
0
google-lineitem-id
5247505591,5247872114,5247505591,5247502498,5246864856,-2,-2,5247845258,5247866318,5247501586
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138297824381,138297824882,138297843765,138297824300,138297842571,-2,-2,138297842619,138297823901,138297843432
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:01 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
graphql
s2.adxpremium.services/ 		82 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2.adxpremium.services/graphql
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6b11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7abd8c0ad4c5134575fc0bfd25cc8014c5a05bd6d9a855bd5713137c33994eb

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
cf-ray
5458e9b0e8c0dfdb-FRA
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length
publishertag.prebid.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BBB2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZfOTsTD3LyxqD8mFKRYS-IFlQdk-w3qSp3lPd65eNDCnyKT_LxZt9WYAl9mFMEo02UHFLErJPWh1aGKexTVFnCvLv_nQok5pUGJa8JiDJz89dnMo1uoq6ks05RHHO-DQ2cmKEtX5yxoEjWz2N7ER70L4Sms-qNyb4ceKnTd-eTJX0xcohNyZJvhvScQn9A483ZpIqxxuiSGm7_K0x-OEgG-oxT5xXz-0qv6tKmQpt9eK71xu_y3yjyUBcH_X-73AD3jhMY_u_E2yX_tuBSl8I0LPOdafOr_Bf&sai=AMfl-YSSjOh_ye1jXxuRec9uN5r1PeJ4XmRD6kDn8hExxUfofRkoT9z2a03OggQLBZHa-uBubYY2moELzw7f49C8fGbX1AVP4GhsEaonGPJF&sig=Cg0ArKJSzMdh6YGXrQiyEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:02 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
859fcd69-b12d-4607-82e2-1c3a0600836a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame BBB2 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
399d126f1ae434a6c3df24bfa4e7c5304350d62b234fb831981f17429e84449a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 16:57:24 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 18:31:01 GMT
server
AmazonS3
age
161859
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tQ4wNJOFqmIeJiWm58KilaWTj_Ta5xuX
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
KcWA5o4hTmQDvp1sZyhobScTj7yBEVBtBj0JHcEUakTho_PuPBQb1A==
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BBB2 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A1C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPzsPcHFuIi6M1PCqFX1aucS5KPr5nCb_5Ht_GX15qFub5dIhlM4JktGZkxSIc1peGDo-ujVl83QXRPK_-QcFiGGeCM5QBKRnKy0n_AbdvPwn14ySe_sHmEhncflZcOdUdNBkFYEBX5IDfelm78xMe1uf3LbGOTsXyU_MZDqW23OGnZaD87HYN4J95tniKIpo9pn2lhxicluOJTzraOJO0V3E8U2fZRjgVa67F7jO7KDSrqHKUmZuHwBn93RFfb5LJbooBDPx1FvWjQCXWf7URwvyfoDeg4L-nfCB2_NN-eA&sai=AMfl-YTTTF2q2iHhsniBXkleTWFjVGTrOT9wdrCUY8RGBqJPoujg8wY2tyF5mY40xEnK3jGkvpqH2xKVaWk7pTKBObpFGRNf_erdm1zeTcfu&sig=Cg0ArKJSzESCLXIZvnk0EAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:02 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
859fcd69-b12d-4607-82e2-1c3a0600836a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 8A1C 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
399d126f1ae434a6c3df24bfa4e7c5304350d62b234fb831981f17429e84449a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 16:57:24 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 18:31:01 GMT
server
AmazonS3
age
161859
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tQ4wNJOFqmIeJiWm58KilaWTj_Ta5xuX
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
WXsTCSX_yJRdgFkRSZgDJvyKqCu5KsoqFoVEEEsjawNehxGGEfyjRA==
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8A1C 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8B6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRF0c_f8l_tGgPeCXioQuTHegnI12xif259K2zAktxb4SaPoC0jB8lCnMHSqYhazV8pBTKi8qCUCeV_-4gAyWxC7neyxj-aOLBnfPMnwV-3MQLH_QSl1JwJm4KT8zRw0mkpbCzBfF3RIv0HZFvbz61UkEGAT--fnDGVOuXVZC2bqGgOFC2MdDS0qagBUH1k4LTVrRHppDLNPLLBrfRECo8mXGhUTcBLUUCaqt6XAPM5fc1FbfOHIgoXOo7SDcwuBIu8jPiHJLdTZu71i9yq4v-z1dSSQAtSbE&sai=AMfl-YTshTPnXdnjpRtYNq-tUUTna6jOOkcmCafRieAg-jXYT_2zwuaT1MbWFr7ikCgNwWNZQt7P8ePfo4GwCrBV9NCW4-IqQxkD5zynO4pr&sig=Cg0ArKJSzOw8GTBK_inHEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:02 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
859fcd69-b12d-4607-82e2-1c3a0600836a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 8B6C 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
399d126f1ae434a6c3df24bfa4e7c5304350d62b234fb831981f17429e84449a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 16:57:24 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 18:31:01 GMT
server
AmazonS3
age
161859
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tQ4wNJOFqmIeJiWm58KilaWTj_Ta5xuX
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
rOK7zW-A0sHgfYASLpowHGDh2iJda8Ch9NWq8U0crVjbWGSl72Kjqg==
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8B6C 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
/
geoip.insticator.com/json/ Frame BBB2 		246 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9996
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b22e278c92-VIE
/
geoip.insticator.com/json/ Frame BBB2 		246 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9997
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b22e2d8c92-VIE
usertracking
b2c.insticator.com/v3/pages/ Frame A406 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Sun, 15 Dec 2019 13:55:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df6307e0ca9fbd6df62bb7fb7a2a3bc441576418102; expires=Tue, 14-Jan-20 13:55:02 GMT; path=/; domain=.insticator.com; HttpOnly
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5458e9b24b7ccbc8-VIE
content-encoding
gzip
instbid_1_34_release_20190807.js
df80k0z3fi8zg.cloudfront.net/files/ Frame BBB2 		218 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Aug 2019 21:52:22 GMT
server
AmazonS3
age
17240
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ZyO56HU_sYG3L.Nf3MAtxCLO1RTIEG4J
status
200
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
BbW77IkzFbPUgIZOG13q3NLmahhv1i9-w6hy6rTb2kj4N156IkcCFg==
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
apstag.js
c.amazon-adsystem.com/aax2/ Frame BBB2 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
Server /
Resource Hash
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 16:30:17 GMT
content-encoding
gzip
server
Server
age
64799
etag
6bed68e25cc35021d570267b56047ef8
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
FuqxIHQF_66kzgzKg7dOtdQJc9gT8eHOhR18xKiu6r79Aa_wMyOWvA==
via
1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
/
geoip.insticator.com/json/ Frame 8B6C 		246 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9998
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b22e2a8c92-VIE
/
geoip.insticator.com/json/ Frame 8B6C 		246 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9999
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3600
x-ratelimit-limit
10000
cf-ray
5458e9b22e2b8c92-VIE
instbid_1_34_release_20190807.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 8B6C 		218 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Aug 2019 21:52:22 GMT
server
AmazonS3
age
12315
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ZyO56HU_sYG3L.Nf3MAtxCLO1RTIEG4J
status
200
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
Uq6oDhDsZ8QWPKgSXIheK_9pU5tqCHWoW0q1LdPqeabkUP0bDxbBRg==
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8B6C 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
Server /
Resource Hash
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 16:30:17 GMT
content-encoding
gzip
server
Server
age
64799
etag
6bed68e25cc35021d570267b56047ef8
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
NmesvAz1UQCKJuujim5_ElaV9rZ5F0FsbJf8cKP8Tn6nh67sHOmh_g==
via
1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
/
geoip.insticator.com/json/ Frame 8A1C 		246 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9994
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b22e298c92-VIE
/
geoip.insticator.com/json/ Frame 8A1C 		246 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9995
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b22e2e8c92-VIE
instbid_1_34_release_20190807.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 8A1C 		218 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Aug 2019 21:52:22 GMT
server
AmazonS3
age
12315
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ZyO56HU_sYG3L.Nf3MAtxCLO1RTIEG4J
status
200
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
VEyq2wz7sAqor4L-bkgfhs4-XXTQ1gC_zw7lf8rz4fyIkB3x_hxVpw==
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8A1C 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
Server /
Resource Hash
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 16:30:17 GMT
content-encoding
gzip
server
Server
age
64799
etag
6bed68e25cc35021d570267b56047ef8
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
dbffLgwiqXGpwthuad7w7B7zT6ifNIKXpz9B6-Wkcah-jsllfPvenw==
via
1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
truncated
/ Frame BBB2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ae4b1134610b879a8fc02b54f498be059af407cad147386752da01e99cc9bdb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8A1C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9e8f6a09ef41b5febb82e983724b173281e4a58df63c12742310e7d139989d5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B6C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b6e2e9877591145a545a7edd66198f42f0ee7fa00e7de84ceb83d8f501ce735

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prebid
ib.adnxs.com/ut/v3/ Frame BBB2 		0
0
v1
dmx.districtm.io/b/ Frame BBB2 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5458e9b92e30d8e5-AMS
access-control-allow-headers
origin, content-type
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BBB2 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BBB2 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame BBB2 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame BBB2 		0
0
trinity.json
apex.go.sonobi.com/ Frame BBB2 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8B6C 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8B6C 		0
0
v1
dmx.districtm.io/b/ Frame 8B6C 		0
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5458e9b92e3ad8e5-AMS
access-control-allow-headers
origin, content-type
trinity.json
apex.go.sonobi.com/ Frame 8B6C 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8B6C 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8B6C 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8B6C 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8A1C 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8A1C 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8A1C 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8A1C 		0
0
trinity.json
apex.go.sonobi.com/ Frame 8A1C 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8A1C 		0
0
v1
dmx.districtm.io/b/ Frame 8A1C 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34_release_20190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5458e9b92e36d8e5-AMS
access-control-allow-headers
origin, content-type
0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame 8219 		352 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19b17a969c9f4b7234b4f7ea4d8e3f293a3180f1948b3eb010f31e07b7711106

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 10:46:38 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 15:45:06 GMT
server
AmazonS3
age
184105
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
xFfFFKZ1_Qwsg948LwCDNFZRW05elLo5
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
Fik96btrSO78dMk2EdzYyuWI3yv11AVXgti1ob0nWGsLOZEx9BKnzA==
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame F9DB 		352 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19b17a969c9f4b7234b4f7ea4d8e3f293a3180f1948b3eb010f31e07b7711106

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 10:46:38 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 15:45:06 GMT
server
AmazonS3
age
184105
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
xFfFFKZ1_Qwsg948LwCDNFZRW05elLo5
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
T7A1mjke7NFQIkBTTELGJ-QaPzU9pU_aGOP61H6XwjE_fk2rstYb8g==
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame 21D9 		352 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19b17a969c9f4b7234b4f7ea4d8e3f293a3180f1948b3eb010f31e07b7711106

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 10:46:38 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 15:45:06 GMT
server
AmazonS3
age
184105
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
xFfFFKZ1_Qwsg948LwCDNFZRW05elLo5
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
nfrALoXymkrHDDfaVBtIRpdWiRpXGuI9XyyRzt6yegjMWj3_RS_Fww==
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ Frame 8219 		3 KB
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
218cd0b67ca26b5a6d1891256a4402a9c2ec65a68a039d96d36b17e595ff5285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Dec 2019 13:55:02 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 15 Dec 2019 13:55:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 8219 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
analytics.js
www.google-analytics.com/ Frame 8219 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4885
date
Sun, 15 Dec 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 15 Dec 2019 14:33:37 GMT
/
geoip.insticator.com/json/ Frame 8219 		246 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9993
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b608a58c92-VIE
event
event.insticator.com/v1/ Frame 8219 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b618a88c92-VIE
access-control-allow-headers
content-type
content-length
0
event
event.insticator.com/v1/ Frame 8219 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-in-view
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b618a98c92-VIE
access-control-allow-headers
content-type
content-length
0
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:03 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50280
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21163
x-amz-cf-id
J363SHQDI6s381tPWPhHYb4mLuB89vrMHSapX3xzniiCSVAboT7p5A==
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
38704
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Fri, 13 Dec 2019 23:36:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
ClhYZXCQuiXjXTrtbY27ZY3QjlPLx6cJVgmqnZBGIhz7n5bdao8DvQ==
logo-facebook.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ULtGRAG0cozVmrk8QTxkU4CRg4lLUOvG
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
38704
etag
"60b5cab66c2ac82262a0da5346037875"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Fri, 13 Dec 2019 23:29:03 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
20991
x-amz-cf-id
rRlGMtHF1H9KYIbpA_hjewPW0Exp_EJVyll6S63Lj8wkZjeBwHn58Q==
logo-facebook-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook-light.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
iVGTFYl9UoOIsb_VjgmcCUFWcozgxrNA
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50285
etag
"1aa9c1ee9848a890aac9ed2e662345b8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sun, 15 Dec 2019 04:19:26 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
21054
x-amz-cf-id
cmH61_64k0g8tJzkkt5O40oeIO0rBU1f04uHtTFyA6bIdy8mtF1KhA==
logo-twitter.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50280
etag
"8e6f619e7da6deedeb066c522967841e"
x-cache
Hit from cloudfront
x-amz-version-id
PabYyULYcagrrnl5_VBagXR6.2QcHh82
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21925
x-amz-cf-id
QMmWthovqRK5v-YYL2oFMXrqnbwkqNdWgbwmWQNrXLbdA_YDC_D43Q==
logo-twitter-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter-light.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
51496
etag
"27f2f41e838101e82a68c5d8a255f0f8"
x-cache
Hit from cloudfront
x-amz-version-id
qL1Phj4H.8a2GAJwlw0J623oQlDV0Krh
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21920
x-amz-cf-id
yGB_wo9WGHomi-Y9I7rnrbo3bM4_KRV0RCRRuxNR8qljnFB1_r_MQg==
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		649 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:56 GMT
server
AmazonS3
age
38700
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Fri, 13 Dec 2019 23:56:52 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
zdVNiNP3GhGi3_hvINaNVyc1qbvG0ZFuTc8QrDdXvHW4JdQPLRkTxg==
graphic-ooc.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45df18bdacb438598423616ef9b6f85a5d26e1aab8d426209937423d477d80e6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:58 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 22:29:18 GMT
server
AmazonS3
age
50285
etag
"9e51f7cb70aed79b30392a1909d568ab"
x-cache
Hit from cloudfront
x-amz-version-id
h4Ib2m7Gg.0JamqBIDYCvhEivLLP.vl4
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
11480
x-amz-cf-id
EtQZXlRqtyQihra19xKoFO3zoeEbzOWlizonMD7674eMK6NhSNC2Mw==
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:03 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50280
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21163
x-amz-cf-id
hTGtsEGp5y561WQT3xlLMDbwj0hx9e91VWzzMuyR4kqhAUxzHqYOhg==
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
38704
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Fri, 13 Dec 2019 23:36:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
Eu7_RXdkRUZXi-I9QiUQ5k7r77Xn8hCl2_-WI8nuMCigePwg6I7thA==
logo-facebook.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ULtGRAG0cozVmrk8QTxkU4CRg4lLUOvG
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
38704
etag
"60b5cab66c2ac82262a0da5346037875"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Fri, 13 Dec 2019 23:29:03 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
20991
x-amz-cf-id
IqUYnQj8-Y6Q0uz1_0ROFzCnwdnBIW9YdVDsKoWlqOjR40jQFEzrew==
logo-facebook-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook-light.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
iVGTFYl9UoOIsb_VjgmcCUFWcozgxrNA
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50285
etag
"1aa9c1ee9848a890aac9ed2e662345b8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sun, 15 Dec 2019 04:19:26 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
21054
x-amz-cf-id
6S1FhTPZacuelVrTOKX948gyD7ItRgpzvr9Q3nkGxvj2ArTNmSdclg==
logo-twitter.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50280
etag
"8e6f619e7da6deedeb066c522967841e"
x-cache
Hit from cloudfront
x-amz-version-id
PabYyULYcagrrnl5_VBagXR6.2QcHh82
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21925
x-amz-cf-id
5C8PjM5m0TB9g2KQPIdJKDXnROrRHD_CSrmd2zsyF6iplhhLRaOn8A==
logo-twitter-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter-light.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
51496
etag
"27f2f41e838101e82a68c5d8a255f0f8"
x-cache
Hit from cloudfront
x-amz-version-id
qL1Phj4H.8a2GAJwlw0J623oQlDV0Krh
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21920
x-amz-cf-id
p9caRlYoZ6kTvdTzyLEQyJaGrOmwNf8e6VqYwGn_Bh-LOWQBrmWf8w==
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		649 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:56 GMT
server
AmazonS3
age
38700
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Fri, 13 Dec 2019 23:56:52 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
oPd00tEOZHbgtbZN6ubhTOr9QevUBK-Tu_V4RW84TUdqrydqno92xA==
graphic-ooc.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45df18bdacb438598423616ef9b6f85a5d26e1aab8d426209937423d477d80e6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:58 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 22:29:18 GMT
server
AmazonS3
age
50285
etag
"9e51f7cb70aed79b30392a1909d568ab"
x-cache
Hit from cloudfront
x-amz-version-id
h4Ib2m7Gg.0JamqBIDYCvhEivLLP.vl4
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
11480
x-amz-cf-id
7aOnmONxmd3akhCF6eniwN4dmm6tfMKtxMBle0BT4hpffEybATdE0g==
css
fonts.googleapis.com/ Frame 21D9 		3 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
218cd0b67ca26b5a6d1891256a4402a9c2ec65a68a039d96d36b17e595ff5285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Dec 2019 13:55:02 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 15 Dec 2019 13:55:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 21D9 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
analytics.js
www.google-analytics.com/ Frame 21D9 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4885
date
Sun, 15 Dec 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 15 Dec 2019 14:33:37 GMT
/
geoip.insticator.com/json/ Frame 21D9 		246 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9992
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b6b8f58c92-VIE
event
event.insticator.com/v1/ Frame 21D9 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b6c8fa8c92-VIE
access-control-allow-headers
content-type
content-length
0
event
event.insticator.com/v1/ Frame 21D9 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-in-view
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b6c8fc8c92-VIE
access-control-allow-headers
content-type
content-length
0
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:03 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50280
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21163
x-amz-cf-id
DmzTSNQ3xr69urkeHlNvm8ei5YsMEL8ELvYKxXVGmPncuX1O9qQlIg==
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
38704
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Fri, 13 Dec 2019 23:36:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
VaCwlg7tWXa2HnSJy2dGT-16dfxezS1idAK6uCP2BgEXve7Hc97tdg==
logo-facebook.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ULtGRAG0cozVmrk8QTxkU4CRg4lLUOvG
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
38704
etag
"60b5cab66c2ac82262a0da5346037875"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Fri, 13 Dec 2019 23:29:03 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
20991
x-amz-cf-id
KEEivRrZPsLfDwHU8IrePzOxu4rwJParH0y6KbFrya5hIVGEpgaSIw==
logo-facebook-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook-light.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
iVGTFYl9UoOIsb_VjgmcCUFWcozgxrNA
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50285
etag
"1aa9c1ee9848a890aac9ed2e662345b8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sun, 15 Dec 2019 04:19:26 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
21054
x-amz-cf-id
xKNm8wiBbdn_VbeC4bPgis7eeeg86dkNPjfHD4XAXD8kp9dCDTLTIQ==
logo-twitter.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50280
etag
"8e6f619e7da6deedeb066c522967841e"
x-cache
Hit from cloudfront
x-amz-version-id
PabYyULYcagrrnl5_VBagXR6.2QcHh82
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21925
x-amz-cf-id
prenv-JU5WMUHNxAQchyrZNgUwPdMyOwJbEyWI-mgXJojpHqUonTEA==
logo-twitter-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter-light.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
51496
etag
"27f2f41e838101e82a68c5d8a255f0f8"
x-cache
Hit from cloudfront
x-amz-version-id
qL1Phj4H.8a2GAJwlw0J623oQlDV0Krh
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21920
x-amz-cf-id
WTsRjpGVmAv5-3GQY3zHRn5Ljl0Rd24lNdpkvGJ9NItphRuse71aAA==
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		649 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:56 GMT
server
AmazonS3
age
38700
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Fri, 13 Dec 2019 23:56:52 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
Wi33KOEFjlM0LKw5jdWkGavZNcVa0QuwggASdh5r58IzhJPTnhqgig==
graphic-ooc.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc.png
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45df18bdacb438598423616ef9b6f85a5d26e1aab8d426209937423d477d80e6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:04:58 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 22:29:18 GMT
server
AmazonS3
age
50285
etag
"9e51f7cb70aed79b30392a1909d568ab"
x-cache
Hit from cloudfront
x-amz-version-id
h4Ib2m7Gg.0JamqBIDYCvhEivLLP.vl4
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
11480
x-amz-cf-id
pvORdbn5Npdd50__bOawrIYRQc1K3CFov5lfsgUfAhVUOd6Kd2FjQw==
css
fonts.googleapis.com/ Frame F9DB 		3 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
218cd0b67ca26b5a6d1891256a4402a9c2ec65a68a039d96d36b17e595ff5285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Dec 2019 13:55:02 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 15 Dec 2019 13:55:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:02 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame F9DB 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
analytics.js
www.google-analytics.com/ Frame F9DB 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4885
date
Sun, 15 Dec 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 15 Dec 2019 14:33:37 GMT
/
geoip.insticator.com/json/ Frame F9DB 		246 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sun, 15 Dec 2019 05:34:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9991
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
5458e9b739378c92-VIE
event
event.insticator.com/v1/ Frame F9DB 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b749398c92-VIE
access-control-allow-headers
content-type
content-length
0
event
event.insticator.com/v1/ Frame F9DB 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-in-view
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b7493c8c92-VIE
access-control-allow-headers
content-type
content-length
0
collect
www.google-analytics.com/r/ Frame 8219 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1347812702&t=pageview&_s=1&dl=about%3A%2F%2F%2Fblank&dp=%2F859fcd69-b12d-4607-82e2-1c3a0600836a&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=160x350&je=0&_u=YEBAAGAB~&jid=907484768&gjid=323226602&cid=556542942.1576418103&tid=UA-123718506-7&_gid=1579679536.1576418103&_r=1&z=573747407
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
usertracking
b2c.insticator.com/v3/pages/ Frame BC2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=df6307e0ca9fbd6df62bb7fb7a2a3bc441576418102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5458e9b799f6cbc8-VIE
content-encoding
gzip
event
event.insticator.com/v1/ Frame 8219 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b7a9878c92-VIE
content-length
0
event
event.insticator.com/v1/ Frame 8219 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-in-view
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b7a9888c92-VIE
content-length
0
event
event.insticator.com/v1/ Frame 21D9 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b7d9a58c92-VIE
content-length
0
abbLiUiflUkIjF6MCYxInonMFozWExBfH5-LDIrMXomIVhUS1RBfH0tWCN8KTAiQS8iIyIvLyIvWEEwIjAwJiwrei8iIyIvLyIvWEEwIjAwJiwreioiMDB8JCJ6fiwyKzFYS0EnM1hNSUtJTExUUEF-IX5YNCYrISw0SXowLXpJKjAkSXomKzEiLyt8KUl-IX5MQS...
message909.gazetaexpress.com/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://message909.gazetaexpress.com/abbLiUiflUkIjF6MCYxInonMFozWExBfH5-LDIrMXomIVhUS1RBfH0tWCN8KTAiQS8iIyIvLyIvWEEwIjAwJiwrei8iIyIvLyIvWEEwIjAwJiwreioiMDB8JCJ6fiwyKzFYS0EnM1hNSUtJTExUUEF-IX5YNCYrISw0SXowLXpJKjAkSXomKzEiLyt8KUl-IX5MQSUvIiNYJTExLTBATlxATWFATWE0NDRJJHw3IjF8IjUtLyIwMEl-LCpATWFBfiwrMCIrMXBwZF9YfHx9I35MTyJII04iUUhPI1N8SFN-Ik1IT35OU0t-fFB9USFMQS8iLjIiMDFwcGRfWExMTFJ9UHxMSFFTI05IT0tMUkhTVFBRSH1-I1QjS3x-I35LUEhMUFJRT0xTS1RUTk9RQX4sLCgmIlhAUF1ATU16MC16Iit8fSkieiEjLXotIi8wLCt8KSY3IiF6fCEwQE5fI3wpMCJATl1ATU1AUF9BKSx8ISIhX3wxfFhAUF1AUl1ATU0mIUBNTUBOXEBNTV5qaW5gaW9ATlwiKyEtLCYrMUBOXCUxMS0wQE5cQE1hQE1hMCwyL34iLSwmKzFJKiQvSX4sKzAiKzAySSwvJEBOXE9UTU5ATU1ATV5ATU0vIjAyKTFATU1ATlxATU1AUl1AUF5ATU0lfDBeLCswIisxX3wxfEBQXkBNTUBOXCN8KTAiQE1eQFBeQE1NfiwrMCIrMSIhbyxcKzZAUF5ATU1ATlwrMikpQE1eQFBeQE1NLyInIn4xIiFcKzZAUF5ATU1ATlwrMikpQE1eQFBeQE1NfiwrMCIrMSIhbyxcKSlAUF5ATU1ATlwrMikpQE1eQFBeQE1NMCUsLzFeJi9-MiYxXyIxIn4xJiwrQFBeQE1NQE5cI3wpMCJATV5AUF5ATU1-LCswIisxcHBkX0BQXkBNTUBOXEBQXkBNTXx8fSN-TE8iSCNOIlFITyNTfEhTfiJNSE9-TlNLfnxQfVEhTEBQXkBNTUBSX0BNTUBSX0BQXw==
Requested by
Host: projectagoralibs.com
URL: https://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-131-208.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
1e4ae65c985b79e06d75f99f24339d5a08339e3de2265e278a41152de71676b7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:03 GMT
x-sp-mms-node
mms-arj.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
application/javascript
status
200
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
expires
Sat, 15 Nov 2008 16:00:00 GMT
usertracking
b2c.insticator.com/v3/pages/ Frame A6A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=df6307e0ca9fbd6df62bb7fb7a2a3bc441576418102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5458e9b7ead2cbc8-VIE
content-encoding
gzip
event
event.insticator.com/v1/ Frame 21D9 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-in-view
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b7f9ae8c92-VIE
content-length
0
collect
www.google-analytics.com/ Frame 21D9 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=898551823&t=pageview&_s=1&dl=about%3A%2F%2F%2Fblank&dp=%2F859fcd69-b12d-4607-82e2-1c3a0600836a&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=160x350&je=0&_u=QACAAGAB~&jid=&gjid=&cid=556542942.1576418103&tid=UA-123718506-7&_gid=1579679536.1576418103&z=1230432882
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 17:46:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2059707
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame F9DB 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1413017876&t=pageview&_s=1&dl=about%3A%2F%2F%2Fblank&dp=%2F859fcd69-b12d-4607-82e2-1c3a0600836a&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=728x350&je=0&_u=QACAAGAB~&jid=&gjid=&cid=556542942.1576418103&tid=UA-123718506-7&_gid=1579679536.1576418103&z=671075450
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 17:46:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2059707
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
usertracking
b2c.insticator.com/v3/pages/ Frame 6974 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=df6307e0ca9fbd6df62bb7fb7a2a3bc441576418102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5458e9b82b97cbc8-VIE
content-encoding
gzip
event
event.insticator.com/v1/ Frame F9DB 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b829cd8c92-VIE
content-length
0
event
event.insticator.com/v1/ Frame F9DB 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-in-view
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b829d38c92-VIE
content-length
0
logo4.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo4.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:29:05 GMT
server
cloudflare
age
230104
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
5458e9b84cd8d8bd-AMS
expires
Sun, 22 Dec 2019 21:59:59 GMT
event
event.insticator.com/v1/ Frame BBB2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
access-control-allow-origin,content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9b88a0d8c92-VIE
access-control-allow-headers
access-control-allow-origin,content-type
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BBB2 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 10:46:48 GMT
content-encoding
gzip
vary
Origin
age
11297
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
lZ7NvB4G6JDQ_d6RPnbg-cMoCGIPdql051aXRtBry50pJHkRrTzyXQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8A1C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Fri, 13 Dec 2019 10:46:39 GMT
content-encoding
gzip
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
status
200
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
public, max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-id
iSw79uTx6hNB_sdaRFEuLtfsZvMGZhE8dn2zVGOtKVWxuOL2NcsRuA==
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8B6C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-213-153.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Fri, 13 Dec 2019 10:46:39 GMT
content-encoding
gzip
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
status
200
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
public, max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KhLDDT8DunFSYtPjGHyLu6n3kRR8-H7n3yUSUPYcNLHSbLNMr7HBDQ==
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
event
event.insticator.com/v1/ Frame BBB2 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9b95a748c92-VIE
content-length
0
v1
dmx.districtm.io/b/ Frame 8B6C 		0
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5458e9bb9c6572ed-AMS
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ Frame 8A1C 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5458e9bb9c6772ed-AMS
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ Frame BBB2 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5458e9bb9c6972ed-AMS
access-control-allow-headers
origin, content-type
activeview
pagead2.googlesyndication.com/pcs/ Frame BBB2 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYOTO8ZaPxNkdkLvAjqhQ-rIoH6XM4RMKraj9dk65ON6-vygSlVSEPHygi6fgJikgWFKnOteHfFkaJWidaYEAuy_u6APxea3Xy2vln1M0&sig=Cg0ArKJSzLn5SnHiEkuXEAE&adk=4206218631&tt=-1&bs=1600%2C1200&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&p=225,143,575,303&mcvt=1078&rs=0&ht=0&tfs=214&tls=1292&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1576418102025&dlt&rpt=176&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-11-5-10-10-0-0-0&tvt=1289&is=160%2C600&iframe_loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:03 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8A1C 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0mL5-CikprHX3NojZiqlSFEu7Tgj9VZ39gRXP-javgFicSteIof_EFNShsnKo-9HMUBDU0IMUsuYqp0V2wr-Ib9gXIMavw51bgfefT-0&sig=Cg0ArKJSzFdblj5KiuYrEAE&adk=4027716477&tt=-1&bs=1600%2C1200&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&p=225,1143,575,1303&mcvt=1063&rs=0&ht=0&tfs=206&tls=1269&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1576418102029&dlt&rpt=188&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-11-3-10-10-0-0-0&tvt=1267&is=160%2C600&iframe_loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:03 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/ Frame DFB7 		63 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93979734947e854eb73795a9af1a01327203459fa171b49622691fac72fb8576

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hHtYwWK0DZhzfaVwFJ3yaBKNSTpy6jI4
content-encoding
gzip
age
59
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-length
17527
x-amz-id-2
F75ZztgFrwOOLrk1Xz/yWbk9islXy73x1t0fgHJ8l1Vfolz9W9UBdlehG91QqxK304HitCiMawU=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 16:13:16 GMT
server
AmazonS3
x-timer
S1576418103.448800,VS0,VE1
etag
"9bc2ee67116f47b65f2bf79287b55137"
vary
Accept-Encoding
x-amz-request-id
FA53169CCFA0F3E9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EE95 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:03 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/ Frame 6772 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8369e98af36a8f0830b0367512dbc70852672313261164db123651de7c76b83

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
03brl6y6RJPvi.znQ12hSfzCIQ0ILeWN
content-encoding
gzip
age
109
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-length
17755
x-amz-id-2
vt2aTzOz3DHMxSn67Qji8D/lopj4c29aZp7Y9IUz5q6Ic071SWLceKWMr2CsgDH36CBPaEbvyJ8=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:58:32 GMT
server
AmazonS3
x-timer
S1576418103.448995,VS0,VE0
etag
"8260a89dc91bce44eef9551776577191"
vary
Accept-Encoding
x-amz-request-id
A376E80BC4C84319
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
2
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3920 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:03 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/ Frame 9787 		63 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93979734947e854eb73795a9af1a01327203459fa171b49622691fac72fb8576

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hHtYwWK0DZhzfaVwFJ3yaBKNSTpy6jI4
content-encoding
gzip
age
59
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-length
17527
x-amz-id-2
F75ZztgFrwOOLrk1Xz/yWbk9islXy73x1t0fgHJ8l1Vfolz9W9UBdlehG91QqxK304HitCiMawU=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 16:13:16 GMT
server
AmazonS3
x-timer
S1576418103.464114,VS0,VE0
etag
"9bc2ee67116f47b65f2bf79287b55137"
vary
Accept-Encoding
x-amz-request-id
FA53169CCFA0F3E9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
2
publishertag.prebid.js
static.criteo.net/js/ld/ Frame DD0C 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:03 GMT
contents
cms.insticator.com/v3/ Frame 8219 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.insticator.com/v3/contents?embed_uuid=0d8571bb-31d1-4064-9f5d-3ce6b66e7580&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=10
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a268cc7a2f7e81a2c72c106cf526e8ece2ecd327aec227b510d9a7ffb21a13e0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9baeb518c92-VIE
impl.20191210-11-RELEASE.js
cdn.taboola.com/libtrc/ Frame 6772 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s0IkHmEy08EJndtirhlVLLySRfd.41M7
content-encoding
gzip
age
16
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
120950
x-amz-id-2
8l7KV4ia/ZJR9FmMSDqjFG6/xZhja8cWHUb+9lSHqUHYH9OUVgRcg00aHS8uMx2PHZd2KUixNxY=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:49 GMT
server
AmazonS3
x-timer
S1576418103.492233,VS0,VE0
etag
"e97ac104858d2edc75c626bcdb613669"
vary
Accept-Encoding
x-amz-request-id
0F419B8A5416925D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
91
beacon.js
sb.scorecardresearch.com/ Frame 6772 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 16 Dec 2019 13:55:03 GMT
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:03 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50281
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21163
x-amz-cf-id
jtszqelcFpNmN3WbPzS0omNWUHeyWVwLTKGvSBg19mB3tLPNrazLmA==
QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 8219 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 04:46:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:40 GMT
server
sffe
age
2192901
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16608
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:46:42 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 8219 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Fri, 22 Nov 2019 03:48:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:14 GMT
server
sffe
age
2023595
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15112
x-xss-protection
0
expires
Sat, 21 Nov 2020 03:48:28 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 8219 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
last-modified
Fri, 02 Nov 2018 15:17:39 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"fb493903265cad425ccdf8e04fc2de61"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
73852
loader.js
cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/ Frame 51B7 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8369e98af36a8f0830b0367512dbc70852672313261164db123651de7c76b83

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
03brl6y6RJPvi.znQ12hSfzCIQ0ILeWN
content-encoding
gzip
age
109
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-length
17755
x-amz-id-2
vt2aTzOz3DHMxSn67Qji8D/lopj4c29aZp7Y9IUz5q6Ic071SWLceKWMr2CsgDH36CBPaEbvyJ8=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:58:32 GMT
server
AmazonS3
x-timer
S1576418104.508095,VS0,VE0
etag
"8260a89dc91bce44eef9551776577191"
vary
Accept-Encoding
x-amz-request-id
A376E80BC4C84319
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
3
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CD7F 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:03 GMT
impl.20191210-11-RELEASE.js
cdn.taboola.com/libtrc/ Frame DFB7 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s0IkHmEy08EJndtirhlVLLySRfd.41M7
content-encoding
gzip
age
16
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
120950
x-amz-id-2
8l7KV4ia/ZJR9FmMSDqjFG6/xZhja8cWHUb+9lSHqUHYH9OUVgRcg00aHS8uMx2PHZd2KUixNxY=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:49 GMT
server
AmazonS3
x-timer
S1576418104.528399,VS0,VE0
etag
"e97ac104858d2edc75c626bcdb613669"
vary
Accept-Encoding
x-amz-request-id
0F419B8A5416925D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
92
beacon.js
sb.scorecardresearch.com/ Frame DFB7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 16 Dec 2019 13:55:03 GMT
impl.20191210-11-RELEASE.js
cdn.taboola.com/libtrc/ Frame 9787 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s0IkHmEy08EJndtirhlVLLySRfd.41M7
content-encoding
gzip
age
16
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
120950
x-amz-id-2
8l7KV4ia/ZJR9FmMSDqjFG6/xZhja8cWHUb+9lSHqUHYH9OUVgRcg00aHS8uMx2PHZd2KUixNxY=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:49 GMT
server
AmazonS3
x-timer
S1576418104.530936,VS0,VE0
etag
"e97ac104858d2edc75c626bcdb613669"
vary
Accept-Encoding
x-amz-request-id
0F419B8A5416925D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
93
beacon.js
sb.scorecardresearch.com/ Frame 9787 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 16 Dec 2019 13:55:03 GMT
contents
cms.insticator.com/v3/ Frame 21D9 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.insticator.com/v3/contents?embed_uuid=0d8571bb-31d1-4064-9f5d-3ce6b66e7580&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=10
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24a1be1cf61d08ebe4a84e5daaee19a0be57d8d62f6e6e9e98d8b9d0c328f9f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9bb2b868c92-VIE
impl.20191210-11-RELEASE.js
cdn.taboola.com/libtrc/ Frame 51B7 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s0IkHmEy08EJndtirhlVLLySRfd.41M7
content-encoding
gzip
age
16
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
120950
x-amz-id-2
8l7KV4ia/ZJR9FmMSDqjFG6/xZhja8cWHUb+9lSHqUHYH9OUVgRcg00aHS8uMx2PHZd2KUixNxY=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:49 GMT
server
AmazonS3
x-timer
S1576418104.583091,VS0,VE0
etag
"e97ac104858d2edc75c626bcdb613669"
vary
Accept-Encoding
x-amz-request-id
0F419B8A5416925D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
94
beacon.js
sb.scorecardresearch.com/ Frame 51B7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 16 Dec 2019 13:55:03 GMT
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:03 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50281
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21163
x-amz-cf-id
CyvIkTjgMpoPijREfAsbVvN3Gq8hJoTMIbCeAqIVd_csR9RdhTl6Uw==
QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 21D9 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 04:46:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:40 GMT
server
sffe
age
2192901
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16608
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:46:42 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 21D9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Fri, 22 Nov 2019 03:48:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:14 GMT
server
sffe
age
2023595
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15112
x-xss-protection
0
expires
Sat, 21 Nov 2020 03:48:28 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 21D9 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
last-modified
Fri, 02 Nov 2018 15:17:39 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"fb493903265cad425ccdf8e04fc2de61"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
73852
b2
sb.scorecardresearch.com/ Frame 6772
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103588&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103588&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103588&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103588&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
contents
cms.insticator.com/v3/ Frame F9DB 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.insticator.com/v3/contents?embed_uuid=0d8571bb-31d1-4064-9f5d-3ce6b66e7580&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=10
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a02ebe2f193291411750cfe0ff04c868b934606721d8e1aa03abf15dde8569

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9bb7bd08c92-VIE
json
trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/ Frame DFB7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/json?tim=14%3A55%3A03.605&lti=deflated&data=%7B%22id%22%3A539%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1576418103602%2C%22cv%22%3A%2220191210-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
58a9c3d5ed13b0c441242a138a402ef72c57db925b7d224f50a34c55ea3ebfdb

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
108
date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-fra19156-FRA
server
nginx
x-timer
S1576418104.663228,VS0,VE108
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/ Frame 9787 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/json?tim=14%3A55%3A03.611&lti=deflated&data=%7B%22id%22%3A998%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1576418103602%2C%22cv%22%3A%2220191210-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
637a33def98b55d5f35fe87c7e62cb5867862ec17812d49938f5380fa1ae49d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
80
date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-fra19156-FRA
server
nginx
x-timer
S1576418104.663214,VS0,VE80
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:03 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
50281
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
21163
x-amz-cf-id
7pE2-s59UKEWOc7JSTLcxMKCSTiY8fG2cPjlxB_h9DD9yYL3vKnpwg==
QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame F9DB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 04:46:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:40 GMT
server
sffe
age
2192901
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16608
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:46:42 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ Frame F9DB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Fri, 22 Nov 2019 03:48:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:14 GMT
server
sffe
age
2023595
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15112
x-xss-protection
0
expires
Sat, 21 Nov 2020 03:48:28 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame F9DB 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
last-modified
Fri, 02 Nov 2018 15:17:39 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"fb493903265cad425ccdf8e04fc2de61"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
73852
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/ Frame CC48 		63 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02bde81bad1ba866f85169f19970090ddf44163f6a7f66f9d12f46e69b911f57

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ISLzlvC.TDDfUWQBfp1fbJ2UQCo3RuEI
content-encoding
gzip
age
26
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-length
17514
x-amz-id-2
rbdZ0uPxyofbXudkO1jZgw6Ho8VHluaG2imobGhNVzQql8szw9icpotyhNDXbttnzA9npQWb/GM=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 16:13:16 GMT
server
AmazonS3
x-timer
S1576418104.631298,VS0,VE0
etag
"6aaf6360c4e1b0d02d84f22a96172eb2"
vary
Accept-Encoding
x-amz-request-id
99D587FFDA27A2B8
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
2
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C5E6 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:03 GMT
b2
sb.scorecardresearch.com/ Frame DFB7
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103650&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103650&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103650&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103650&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
event
event.insticator.com/v1/ Frame 8219 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9bc3c5c8c92-VIE
access-control-allow-headers
content-type
content-length
0
null
www.gazetaexpress.com/ Frame 8219 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/null
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a7118e43d325e146ab8259100b2b2eac1bd79e60521201d33e3b449fde909f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
5458e9bc3c48d8bd-AMS
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 8219 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
38705
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Fri, 13 Dec 2019 23:36:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
mlUNotCEhYew5tvIkEsScSdvxqnbi1PCcPuATm1NHdq_8g1WhVQwxQ==
1d6d9117-18d5-4cd2-82cc-09169a1b844e
d3lcz8vpax4lo2.cloudfront.net/client_images/5ca43cf2-632c-478a-a624-699b0fca8a7c/ Frame 8219 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/client_images/5ca43cf2-632c-478a-a624-699b0fca8a7c/1d6d9117-18d5-4cd2-82cc-09169a1b844e
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d124c2a8f0765e64400b8a6a8a1ba85a48b92b0e0dfc60fffb138fa8dfc9121

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 10:50:39 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Wed, 18 Sep 2019 09:48:32 GMT
server
AmazonS3
age
183865
etag
"914865493cf3a0662f650caa82926326"
x-cache
Hit from cloudfront
x-amz-version-id
_JrT3HIuc04revs4iGyJtMFZUzYPTPrz
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
25870
x-amz-cf-id
7XnSqklezMIJJDBYDRnQpCTzpA3u7wFbkfirlHrJpzG6S30dn4ourw==
QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 8219 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a25e14865126cb8fb6fba6ec8e05a94bf93b5f999bcc8785a80b54001d120eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 01:15:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:19 GMT
server
sffe
age
2205601
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16576
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:15:02 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/ Frame 3490 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8369e98af36a8f0830b0367512dbc70852672313261164db123651de7c76b83

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
03brl6y6RJPvi.znQ12hSfzCIQ0ILeWN
content-encoding
gzip
age
109
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
content-length
17755
x-amz-id-2
vt2aTzOz3DHMxSn67Qji8D/lopj4c29aZp7Y9IUz5q6Ic071SWLceKWMr2CsgDH36CBPaEbvyJ8=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:58:32 GMT
server
AmazonS3
x-timer
S1576418104.734146,VS0,VE0
etag
"8260a89dc91bce44eef9551776577191"
vary
Accept-Encoding
x-amz-request-id
A376E80BC4C84319
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
46
x-cache-hits
4
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B448 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid_2.41_test/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:27:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dc186e8-a744"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 16 Dec 2019 13:55:03 GMT
event
event.insticator.com/v1/ Frame 21D9 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9bc6cb38c92-VIE
access-control-allow-headers
content-type
content-length
0
null
www.gazetaexpress.com/ Frame 21D9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/null
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a7118e43d325e146ab8259100b2b2eac1bd79e60521201d33e3b449fde909f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
5458e9bc6d30d8bd-AMS
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 21D9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
38705
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Fri, 13 Dec 2019 23:36:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
4RfqYhYK_Sy-tVBsadg5fC3JN70fL-8ae4yXQ8aA-Je5CsvMcS1Z5w==
df0d346e-974a-4ddc-ae80-b24e6ae4093e
d3lcz8vpax4lo2.cloudfront.net/client_images/5ca43cf2-632c-478a-a624-699b0fca8a7c/ Frame 21D9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/client_images/5ca43cf2-632c-478a-a624-699b0fca8a7c/df0d346e-974a-4ddc-ae80-b24e6ae4093e
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a652877acf261ccff744e36db00045f15023fb40c90ecf4a0734f18ae2a5179

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 10:48:28 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Wed, 18 Sep 2019 09:51:15 GMT
server
AmazonS3
age
183996
etag
"dca30f1287932ef17249ae7dd15b1b72"
x-cache
Hit from cloudfront
x-amz-version-id
X2uSsMYSo7h8hrQgx1Gxjqp6sEMbODnT
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
21571
x-amz-cf-id
Xhh1PhBMMyGcXgT9mIs-FoGbRU1uKExqBgnm-kKBUiw5YWrsxyWb3g==
QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 21D9 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a25e14865126cb8fb6fba6ec8e05a94bf93b5f999bcc8785a80b54001d120eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 01:15:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:19 GMT
server
sffe
age
2205601
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16576
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:15:02 GMT
b
sb.scorecardresearch.com/ Frame 9787 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103755&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
impl.20191210-11-RELEASE.js
cdn.taboola.com/libtrc/ Frame CC48 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s0IkHmEy08EJndtirhlVLLySRfd.41M7
content-encoding
gzip
age
16
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
120950
x-amz-id-2
8l7KV4ia/ZJR9FmMSDqjFG6/xZhja8cWHUb+9lSHqUHYH9OUVgRcg00aHS8uMx2PHZd2KUixNxY=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:49 GMT
server
AmazonS3
x-timer
S1576418104.770401,VS0,VE0
etag
"e97ac104858d2edc75c626bcdb613669"
vary
Accept-Encoding
x-amz-request-id
0F419B8A5416925D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
38
x-cache-hits
97
beacon.js
sb.scorecardresearch.com/ Frame CC48 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 16 Dec 2019 13:55:03 GMT
b
sb.scorecardresearch.com/ Frame 51B7 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103772&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
impl.20191210-11-RELEASE.js
cdn.taboola.com/libtrc/ Frame 3490 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s0IkHmEy08EJndtirhlVLLySRfd.41M7
content-encoding
gzip
age
16
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
120950
x-amz-id-2
8l7KV4ia/ZJR9FmMSDqjFG6/xZhja8cWHUb+9lSHqUHYH9OUVgRcg00aHS8uMx2PHZd2KUixNxY=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:49 GMT
server
AmazonS3
x-timer
S1576418104.785534,VS0,VE0
etag
"e97ac104858d2edc75c626bcdb613669"
vary
Accept-Encoding
x-amz-request-id
0F419B8A5416925D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
38
x-cache-hits
98
beacon.js
sb.scorecardresearch.com/ Frame 3490 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 16 Dec 2019 13:55:03 GMT
userx.20191210-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 9787 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
i.RK1kIUI9S9zRzDw1ebq6IcFQWTGSeE
content-encoding
gzip
age
115
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
7712
x-amz-id-2
Xl8rUrNEW0E+CTbqhbHKqDC3B5sXblDnfPbRkSHXnzBdWyhyz70/D/R785aP4U9j76D5D0EYZgk=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:59 GMT
server
AmazonS3
x-timer
S1576418104.799603,VS0,VE0
etag
"016744570c686c929dfdbaae15fb0a24"
vary
Accept-Encoding
x-amz-request-id
993A988E4EAFDA1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
64
x-cache-hits
170
rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame 3FF0
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7be3af2a-fcd5-45e8-8bd8-79dd835f3294
0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7be3af2a-fcd5-45e8-8bd8-79dd835f3294
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.965787,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
//trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7be3af2a-fcd5-45e8-8bd8-79dd835f3294
Date
Sun, 15 Dec 2019 13:55:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 3FF0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 3FF0
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
45 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.978487,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Date
Sun, 15 Dec 2019 13:55:04 GMT
Server
nginx
Connection
close
Etag
"B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM="
Content-Length
0
rtb-h
match.taboola.com/sg/mediamath-ssp-network/1/ Frame 3FF0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=31d25df6-2ed6-4d00-b8af-e30806530a97
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=31d25df6-2ed6-4d00-b8af-e30806530a97
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=31d25df6-2ed6-4d00-b8af-e30806530a97&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D31d25df6-2ed6-4d0...
0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=31d25df6-2ed6-4d00-b8af-e30806530a97&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D31d25df6-2ed6-4d00-b8af-e30806530a97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.162706,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.131922,VS0,VE9
location
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=31d25df6-2ed6-4d00-b8af-e30806530a97&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D31d25df6-2ed6-4d00-b8af-e30806530a97
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 3FF0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=lhg8HtvGIndc&ev=1&pid=562107
0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=lhg8HtvGIndc&ev=1&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.965428,VS0,VE16
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Date
Sun, 15 Dec 2019 13:55:04 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
0
X-Served-By
cache-hhn4044-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=lhg8HtvGIndc&ev=1&pid=562107
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
text/plain; charset=utf-8
Cw-Server
bh-deployment-797d54649f-8lvws
X-Cache-Hits
0
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 3FF0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola&tc=1
0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.965771,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:04 GMT, Sun, 15 Dec 2019 13:55:04 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola&tc=1
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame 3FF0 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
AN-X-Request-Uuid
f4df9394-9aea-4f4d-8b7a-7a9f4e03b356
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/google-network/1/ Frame 3FF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIVa5wBqIOw0oLnYMhJsSPc&google_cver=1
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEIVa5wBqIOw0oLnYMhJsSPc&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEIVa5wBqIOw0oLnYMhJsSPc%26goo...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEIVa5wBqIOw0oLnYMhJsSPc&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEIVa5wBqIOw0oLnYMhJsSPc%26google_cver%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.178469,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.147368,VS0,VE8
location
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEIVa5wBqIOw0oLnYMhJsSPc&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEIVa5wBqIOw0oLnYMhJsSPc%26google_cver%3D1
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
getuidnb
ib.adnxs.com/ Frame 3FF0 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:08 GMT
AN-X-Request-Uuid
cadcbc25-8d95-417c-8ab3-f9f36d162c4e
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.75:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame 3FF0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.294212,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
37
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.213205,VS0,VE37
location
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
rtb-h
match.taboola.com/sg/storygize-network/1/ Frame 3FF0
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=d9aff713-b302-48ba-9a9a-1ea1176c099d-tuct4efc0b7
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=ff993c3c-5b52-46f6-b3e1-95663c8e1e82-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b3...
0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=ff993c3c-5b52-46f6-b3e1-95663c8e1e82-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b325-254a1ad3506d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.058021,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.965829,VS0,VE9
location
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=ff993c3c-5b52-46f6-b3e1-95663c8e1e82-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b325-254a1ad3506d
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
cookiesync
bttrack.com/pixel/ Frame 3FF0 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:03 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
cds.taboola.com/ Frame 3FF0 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=d9aff713-b302-48ba-9a9a-1ea1176c099d-tuct4efc0b7&_r=6748424
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:04 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame 3FF0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=576580db-d490-41fc-a49e-98abb96186c7&bsw_param=576580db-d490-41fc-a49e-98abb96186c7&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=576580db-d490-41fc-a49e-98abb96186c7
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=85acec79-5ae6-4f60-917e-13517f414ec9-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a4...
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=85acec79-5ae6-4f60-917e-13517f414ec9-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.058021,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.965782,VS0,VE9
location
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=85acec79-5ae6-4f60-917e-13517f414ec9-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
available
trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/ Frame 9787 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:03 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19156-FRA
pragma
no-cache
server
nginx
x-timer
S1576418104.814996,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
graphql
s2.adxpremium.services/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6b11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
HEAD, GET, POST
status
200
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
cf-ray
5458e9bcdf1fdfdb-FRA
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length
rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame D13C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3447178f-12e5-4170-ab92-b8fdecbd869d
0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3447178f-12e5-4170-ab92-b8fdecbd869d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.965788,VS0,VE17
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
//trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3447178f-12e5-4170-ab92-b8fdecbd869d
Date
Sun, 15 Dec 2019 13:55:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame D13C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame D13C
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
45 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.066782,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Date
Sun, 15 Dec 2019 13:55:06 GMT
Server
nginx
Connection
close
Etag
"B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM="
Content-Length
0
rtb-h
match.taboola.com/sg/mediamath-ssp-network/1/ Frame D13C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=c33c5df6-2f72-4f00-9d8f-d9dd809ba679
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f0...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f00-9d8f-d9dd809ba679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.190125,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.158959,VS0,VE8
location
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f00-9d8f-d9dd809ba679
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame D13C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HLvvm2g7irej&ev=1&pid=562107
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HLvvm2g7irej&ev=1&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.058945,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Date
Sun, 15 Dec 2019 13:55:06 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
0
X-Served-By
cache-hhn4044-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HLvvm2g7irej&ev=1&pid=562107
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
text/plain; charset=utf-8
Cw-Server
bh-deployment-797d54649f-8lvws
X-Cache-Hits
0
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame D13C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.039139,VS0,VE10
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:06 GMT, Sun, 15 Dec 2019 13:55:06 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame D13C 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:08 GMT
AN-X-Request-Uuid
3c9d1786-47dc-489f-bb1e-ed4cea078c4b
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/google-network/1/ Frame D13C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&google_cver=1
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26goo...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.180748,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.149655,VS0,VE8
location
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
getuidnb
ib.adnxs.com/ Frame D13C 		43 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:08 GMT
AN-X-Request-Uuid
d53a6304-f662-43f1-a5e4-dc04f0e15143
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.187:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame D13C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.244118,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.212952,VS0,VE8
location
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
cookiesync
bttrack.com/pixel/ Frame D13C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:05 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame D13C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=taboola&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=eLwtWLactvL.AikABlFvCddcYw&expires=30&ssp=taboola
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a4...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.619786,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.588309,VS0,VE9
location
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
userx.20191210-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame DFB7 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
i.RK1kIUI9S9zRzDw1ebq6IcFQWTGSeE
content-encoding
gzip
age
115
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:03 GMT
x-amz-replication-status
COMPLETED
content-length
7712
x-amz-id-2
Xl8rUrNEW0E+CTbqhbHKqDC3B5sXblDnfPbRkSHXnzBdWyhyz70/D/R785aP4U9j76D5D0EYZgk=
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Dec 2019 14:05:59 GMT
server
AmazonS3
x-timer
S1576418104.829521,VS0,VE0
etag
"016744570c686c929dfdbaae15fb0a24"
vary
Accept-Encoding
x-amz-request-id
993A988E4EAFDA1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
64
x-cache-hits
171
rtb-h
match.taboola.com/sg/storygize-network/1/ Frame D13C
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b3...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b325-254a1ad3506d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.330147,VS0,VE91
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.295316,VS0,VE9
location
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=94b42eac-e7a9-4260-b325-254a1ad3506d&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D94b42eac-e7a9-4260-b325-254a1ad3506d
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
/
cds.taboola.com/ Frame D13C 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7&_r=3345251
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/ Frame DFB7 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:05 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.965443,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
event
event.insticator.com/v1/ Frame 8219 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9bd2d1b8c92-VIE
content-length
0
graphql
s2.adxpremium.services/ 		84 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2.adxpremium.services/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6b11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d55304796d73b5bb285af58e6a1161dd420985295b9251c09dd1f2584226b0b

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
cf-ray
5458e9be8dcae003-FRA
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length
b2
sb.scorecardresearch.com/ Frame CC48
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103917&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103917&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103917&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:06 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576418103917&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:06 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
event
event.insticator.com/v1/ Frame F9DB 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sun, 15 Dec 2019 13:55:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.gazetaexpress.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
cf-ray
5458e9bdad5b8c92-VIE
access-control-allow-headers
content-type
content-length
0
null
www.gazetaexpress.com/ Frame F9DB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/null
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.0.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a7118e43d325e146ab8259100b2b2eac1bd79e60521201d33e3b449fde909f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
5458e9bdfc6abf4b-AMS
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame F9DB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
51348
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Fri, 13 Dec 2019 23:36:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
_7pG7mJaL2ngC0URFO62NvVcFZxxdHFoJhpojzG8IouJ33nTDGxF5g==
c5b2c170-7e19-4f0c-a027-c4a4d208d430
d3lcz8vpax4lo2.cloudfront.net/client_images/5ca43cf2-632c-478a-a624-699b0fca8a7c/ Frame F9DB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/client_images/5ca43cf2-632c-478a-a624-699b0fca8a7c/c5b2c170-7e19-4f0c-a027-c4a4d208d430
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:5e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d22a340e6f57a5fb06db703ca9ee32bea2909a2ae86c1f9fbb08cede1d8875e2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Dec 2019 10:46:57 GMT
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
last-modified
Wed, 18 Sep 2019 09:49:41 GMT
server
AmazonS3
age
184090
etag
"e861939824ab9862fcf6ecccd9024db1"
x-cache
Hit from cloudfront
x-amz-version-id
amcpwtcoY1shqfIGA6VVV4fypngVCq_5
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
25396
x-amz-cf-id
My2gMNvk7zAxXgeXNkXFZ2hfsTqbjUWa0sYDwEUbOhSpQFrDZwkfKA==
QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame F9DB 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a25e14865126cb8fb6fba6ec8e05a94bf93b5f999bcc8785a80b54001d120eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 20 Nov 2019 01:15:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:19 GMT
server
sffe
age
2205601
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16576
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:15:02 GMT
event
event.insticator.com/v1/ Frame 21D9 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9bded8c8c92-VIE
content-length
0
b
sb.scorecardresearch.com/ Frame 3490 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576418104017&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Fwww.gazetaexpress.com%2F&c9=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-74-100-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:06 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/ Frame 6772 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/json?tim=14%3A55%3A04.064&lti=deflated&data=%7B%22id%22%3A820%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1576418103602%2C%22cv%22%3A%2220191210-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217062380%22%2C%22orig_uip%22%3A%2217062380%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e67ba7fc0544528a494066921321897b801057496412b44790a3eb15d6bcf81b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
149
date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-fra19157-FRA
server
nginx
x-timer
S1576418106.185837,VS0,VE149
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
event
event.insticator.com/v1/ Frame F9DB 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Dec 2019 13:55:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
5458e9be7dfb8c92-VIE
content-length
0
json
trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/ Frame 51B7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/json?tim=14%3A55%3A04.188&lti=deflated&data=%7B%22id%22%3A915%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1576418103602%2C%22cv%22%3A%2220191210-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217062380%22%2C%22orig_uip%22%3A%2217062380%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
3dff2ff806f430851f79cf69774354f50bb415c86dcd27590460ed724a85ea54

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
169
date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-fra19157-FRA
server
nginx
x-timer
S1576418106.186036,VS0,VE169
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress300x600hu-r16588079/trc/3/ Frame CC48 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x600hu-r16588079/trc/3/json?tim=14%3A55%3A04.335&lti=deflated&data=%7B%22id%22%3A891%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%225d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7%22%2C%22uifp%22%3A%225d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7%22%2C%22vi%22%3A1576418103602%2C%22cv%22%3A%2220191210-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhDDqj8MCwiJARDDqj8MCwhMEMOqPwwLCI4BEMOqPwwLCJEBEMOqPwwLCJUBEMOqPwwLCCAQw6o_DAsIJBDDqj8MCwhkEMOqPwwLCCcQw6o_DAsILRDDqj8MCwg7EMOqPwwLCD0Q49s-DAsIPxDDqj8MDBMU%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2216588079%22%2C%22orig_uip%22%3A%2216588079%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c241ff76d0531002c20e5a3afc8a61f6aed1bee8aa26e84099395e6a80a27c32

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
112
date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-fra19157-FRA
server
nginx
x-timer
S1576418106.186026,VS0,VE112
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/ Frame 3490 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/json?tim=14%3A55%3A04.385&lti=deflated&data=%7B%22id%22%3A82%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%225d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7%22%2C%22uifp%22%3A%225d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7%22%2C%22vi%22%3A1576418103602%2C%22cv%22%3A%2220191210-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhDDqj8MCwiJARDDqj8MCwhMEMOqPwwLCI4BEMOqPwwLCJEBEMOqPwwLCJUBEMOqPwwLCCAQw6o_DAsIJBDDqj8MCwhkEMOqPwwLCCcQw6o_DAsILRDDqj8MCwg7EMOqPwwLCD0Q49s-DAsIPxDDqj8MDBMU%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217062380%22%2C%22orig_uip%22%3A%2217062380%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c5e60a8d38036fcb846343a91cfbc136e3ce20d2d8862647d5b4934224db74c3

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
83
date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-fra19157-FRA
server
nginx
x-timer
S1576418106.187420,VS0,VE83
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
gpt.js
www.googletagservices.com/tag/js/ Frame BBB2 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"367 / 832 of 1000 / last-modified: 1576171782"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15846
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8B6C 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"367 / 636 of 1000 / last-modified: 1576171782"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15846
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8A1C 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"367 / 815 of 1000 / last-modified: 1576171782"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15846
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
integrator.js
adservice.google.de/adsid/ Frame BBB2 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BBB2 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ Frame BBB2 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
integrator.js
adservice.google.de/adsid/ Frame 8B6C 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8B6C 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ Frame 8B6C 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
integrator.js
adservice.google.de/adsid/ Frame 8A1C 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8A1C 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ Frame 8A1C 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
userx.20191210-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3490 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
i.RK1kIUI9S9zRzDw1ebq6IcFQWTGSeE
content-encoding
gzip
age
120
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:07 GMT
x-amz-replication-status
COMPLETED
content-length
7712
x-amz-id-2
Xl8rUrNEW0E+CTbqhbHKqDC3B5sXblDnfPbRkSHXnzBdWyhyz70/D/R785aP4U9j76D5D0EYZgk=
x-served-by
cache-fra19124-FRA
last-modified
Tue, 10 Dec 2019 14:05:59 GMT
server
AmazonS3
x-timer
S1576418108.746362,VS0,VE0
etag
"016744570c686c929dfdbaae15fb0a24"
vary
Accept-Encoding
x-amz-request-id
993A988E4EAFDA1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
34
x-cache-hits
206
tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 57F3
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
49 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.27 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-172-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.0.8
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Cache-Control
no-cache
X-Server
10.45.11.160
Connection
keep-alive
Content-Length
0
Expires
0
35702
tags.bluekai.com/site/ Frame 57F3 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-109-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
X-N
S
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
751b
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cm
trc.taboola.com/sg/neustar/1/ Frame 57F3
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900703270000745660
0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900703270000745660
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.709071,VS0,VE10
x-cache
MISS
status
200
cache-control
no-cache, no-store
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
server
AAWebServer
location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900703270000745660
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
32441
i.liadm.com/s/ Frame 57F3
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=cde76ad400c54219a8e8da67c8f1a4dc
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=cde76ad400c54219a8e8da67c8f1a4dc
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.181.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-181-188.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=cde76ad400c54219a8e8da67c8f1a4dc
Date
Sun, 15 Dec 2019 13:55:07 GMT
Connection
keep-alive
Content-Length
0
csync.ashx
ml314.com/ Frame 57F3
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766353900372054
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwNjc2NjM1MzkwMDM3MjA1NBAAGg0IvPbY7wUSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=908a3f0bced6535364c5410dc363eb52f5798213223da0a40a13e820ac1b1906f4cb09cee1a4f8eb&person_id=3606766353900372054&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=908a3f0bced6535364c5410dc363eb52f5798213223da0a40a13e820ac1b1906f4cb09cee1a4f8eb&person_id=3606766353900372054&eid=50082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.243.224 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-243-224.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Mon, 16 Dec 2019 08:55:08 GMT

Redirect headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 google
location
https://ml314.com/csync.ashx?fp=908a3f0bced6535364c5410dc363eb52f5798213223da0a40a13e820ac1b1906f4cb09cee1a4f8eb&person_id=3606766353900372054&eid=50082
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
307
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel.gif
load77.exelator.com/ Frame 57F3
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.29 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
185.59.220.20
x-age
69510
accept-ranges
bytes
content-length
43

Redirect headers

date
Sun, 15 Dec 2019 13:55:07 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
/
cds.taboola.com/ Frame 57F3 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_r=6875084
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
fix-user-id
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 3490 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/fix-user-id?lti=deflated&ri=6392ff44e4265759e2dddbfd967c54af&sd=v2_b1e0f1672b7571d0440bacc329d5ef04_3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9_1576418106_1576418106_CNawjgYQ7KhLGLKi3c7wLSABKAMwoQE4l-oLQJ2XEEip2RZQ____________AVgAYAA&ui=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7&pi=/&wi=3066769549804268611&pt=text&vi=1576418103602&time=1576418106301&fromUser=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7&toUser=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&toSD=v2_b1e0f1672b7571d0440bacc329d5ef04_3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9_1576418106_1576418106_CNawjgYQ7KhLGLKi3c7wLSABKAMwoQE4l-oLQJ2XEEip2RZQ____________AVgAYAA&tim=14%3A55%3A06.301&id=4836&llvl=1&cv=20191210-11-RELEASE&
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.321705,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
available
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 3490 		0
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.329662,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
linda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/ Frame 3490 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
2331411
edge-cache-tag
564825010614998444317980558177263805493,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 12 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
content-length
15042
x-served-by
cache-fra19174-FRA, cache-fra19124-FRA
last-modified
Mon, 11 Nov 2019 11:30:49 GMT
server
cloudinary
x-timer
S1576418107.274323,VS0,VE1
etag
"857c3ef4197a93ec57988893f7e1220e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
c9dd5322c16640ed60fa1a1742aae09c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3490 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1910929
edge-cache-tag
351582715293950596603723956480953487256,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 07 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
content-length
11894
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Wed, 06 Nov 2019 04:32:21 GMT
server
cloudinary
x-timer
S1576418107.305729,VS0,VE1
etag
"02473ce07b6a9869e66ac3fa98186b55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
03fb3955c5c25885c038fc2ef5d7014e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3490 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1222330
edge-cache-tag
577632525504445767236670537902212649522,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
content-length
38943
x-served-by
cache-fra19131-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 23:22:11 GMT
server
cloudinary
x-timer
S1576418107.305722,VS0,VE1
etag
"b0b511705a07fc681e3c036915193ba2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame DABF
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
49 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.27 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-172-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.24.128
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Cache-Control
no-cache
X-Server
10.45.4.196
Connection
keep-alive
Content-Length
0
Expires
0
35702
tags.bluekai.com/site/ Frame DABF 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-109-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
X-N
S
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
eb39
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cm
trc.taboola.com/sg/neustar/1/ Frame DABF
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603270000746800
0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603270000746800
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.708740,VS0,VE8
x-cache
MISS
status
200
cache-control
no-cache, no-store
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
server
AAWebServer
location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603270000746800
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
32441
i.liadm.com/s/ Frame DABF 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.181.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-181-188.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
csync.ashx
ml314.com/ Frame DABF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766353900372057
  • https://ml314.com/csync.ashx?fp=&person_id=3606766353900372057&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=&person_id=3606766353900372057&eid=50082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.243.224 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-243-224.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:07 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Mon, 16 Dec 2019 08:55:08 GMT

Redirect headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 google
location
https://ml314.com/csync.ashx?fp=&person_id=3606766353900372057&eid=50082
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
307
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel.gif
load77.exelator.com/ Frame DABF
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.29 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
185.59.220.20
x-age
69510
accept-ranges
bytes
content-length
43

Redirect headers

date
Sun, 15 Dec 2019 13:55:07 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
userx.20191210-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame CC48 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
i.RK1kIUI9S9zRzDw1ebq6IcFQWTGSeE
content-encoding
gzip
age
120
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:07 GMT
x-amz-replication-status
COMPLETED
content-length
7712
x-amz-id-2
Xl8rUrNEW0E+CTbqhbHKqDC3B5sXblDnfPbRkSHXnzBdWyhyz70/D/R785aP4U9j76D5D0EYZgk=
x-served-by
cache-fra19124-FRA
last-modified
Tue, 10 Dec 2019 14:05:59 GMT
server
AmazonS3
x-timer
S1576418108.746342,VS0,VE0
etag
"016744570c686c929dfdbaae15fb0a24"
vary
Accept-Encoding
x-amz-request-id
993A988E4EAFDA1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
34
x-cache-hits
205
/
cds.taboola.com/ Frame DABF 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_r=3740721
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
fix-user-id
trc.taboola.com/gazetaexpress300x600hu-r16588079/log/3/ Frame CC48 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress300x600hu-r16588079/log/3/fix-user-id?lti=deflated&ri=d64182023aa3b33ca5ca07f1f4049ebe&sd=v2_4c0b511d25d8d84f0299ec81c0245f49_3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9_1576418106_1576418106_CNawjgYQuqxKGLKi3c7wLSABKAMwoQE4l-oLQJ2XEEip2RZQ____________AVgAYAA&ui=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7&pi=/&wi=6540805179878215305&pt=text&vi=1576418103602&time=1576418106325&fromUser=5d169034-df2b-4a8d-a5f0-6049e3553a43-tuct4efc0b7&toUser=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&toSD=v2_4c0b511d25d8d84f0299ec81c0245f49_3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9_1576418106_1576418106_CNawjgYQuqxKGLKi3c7wLSABKAMwoQE4l-oLQJ2XEEip2RZQ____________AVgAYAA&tim=14%3A55%3A06.325&id=2780&llvl=1&cv=20191210-11-RELEASE&
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.344360,VS0,VE12
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
available
trc.taboola.com/gazetaexpress300x600hu-r16588079/log/3/ Frame CC48 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x600hu-r16588079/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.351434,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
2748692dcb54774d2212a5034ef01b18.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CC48 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2748692dcb54774d2212a5034ef01b18.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
6af967f474bf5fcadb2472c57f5a3b3f3e61ec4bd723dc1e0a5fb78a5edbfd45

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
2092106
edge-cache-tag
560902927758613829876723982366486932497,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 20 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2748692dcb54774d2212a5034ef01b18.jpg
content-length
4569
x-served-by
cache-fra19167-FRA, cache-fra19124-FRA
last-modified
Tue, 19 Nov 2019 13:32:25 GMT
server
cloudinary
x-timer
S1576418108.771042,VS0,VE1
etag
"b438f7d0c8b5bb944cac13953c40a996"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
f19ff2ebc4b758002c9dc413db9f8181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CC48 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f19ff2ebc4b758002c9dc413db9f8181.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2824eaaca36f4c1f962ae1f42a0ff91e3cdadbcd9328c02751505bb7afff992d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1709674
edge-cache-tag
450630234765926582538263118379552414965,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 26 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f19ff2ebc4b758002c9dc413db9f8181.jpg
content-length
3594
x-served-by
cache-fra19176-FRA, cache-fra19124-FRA
last-modified
Mon, 25 Nov 2019 09:52:47 GMT
server
cloudinary
x-timer
S1576418108.771583,VS0,VE1
etag
"1733f58d734113bcb107f91ec7a53908"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
ad620e7595b9bf740b0363df89db74c4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CC48 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad620e7595b9bf740b0363df89db74c4.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
46551ad5e1ea6f0750b389520b91bf30f7644133dd7e0fc01f8637fd54065b7e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
2172956
edge-cache-tag
347963275037358412334085980467352530106,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 13 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad620e7595b9bf740b0363df89db74c4.jpg
content-length
6201
x-served-by
cache-fra19147-FRA, cache-fra19124-FRA
last-modified
Tue, 12 Nov 2019 00:04:03 GMT
server
cloudinary
x-timer
S1576418108.771545,VS0,VE1
etag
"6634f9350d0d7c9257990787e43e0f7a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
574425affafe1597c84d78f24513ac62.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CC48 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/574425affafe1597c84d78f24513ac62.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f2d6b3bdc5f21c342ef91e33663c718bea60245c80dbfe201f2835aa71595211

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1561238
edge-cache-tag
354507392847690907449944958099259624214,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 19 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/574425affafe1597c84d78f24513ac62.png
content-length
11467
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Mon, 18 Nov 2019 06:47:39 GMT
server
cloudinary
x-timer
S1576418108.771526,VS0,VE1
etag
"90246b9772a80dc3a6d1b4d537751dbc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
f4caa61e95a47a87b74bf668d987ff1a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CC48 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f4caa61e95a47a87b74bf668d987ff1a.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a1caf03e6b717869cc3645ad474f902b9797446f7756d0b70c7fe6874eeada82

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1713881
edge-cache-tag
464455427521822916652228389538493759101,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 09 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f4caa61e95a47a87b74bf668d987ff1a.jpg
content-length
5936
x-served-by
cache-fra19173-FRA, cache-fra19124-FRA
last-modified
Fri, 08 Nov 2019 13:20:09 GMT
server
cloudinary
x-timer
S1576418108.771444,VS0,VE1
etag
"5f04351a67d849e9f039c4206f93f58d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
1163557151__0mOayk0X.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/ISI/ Frame CC48 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/ISI/1163557151__0mOayk0X.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
31ed488640e806860b16cecdf2c1fbccb5e0fe0aedde1501b78cddaed51726c7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1348304
edge-cache-tag
608277979844130175690524170665960174443,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/ISI/1163557151__0mOayk0X.jpg
content-length
4072
x-served-by
cache-fra19157-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 19:32:24 GMT
server
cloudinary
x-timer
S1576418108.771416,VS0,VE1
etag
"cdfb949e8c93c0815544c163113dd930"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
sync.crwdcntrl.net/map/c=10924/tp=OOLA/ Frame 743E 		49 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.27 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-172-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.26.39
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 743E
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
45 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:10 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418111.942001,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM%3D
Date
Sun, 15 Dec 2019 13:55:10 GMT
Server
nginx
Connection
close
Etag
"B_QxKp-mXHvyjl7r2KCLheH2bnpd97hRW2QQM4nw4IM="
Content-Length
0
rtb-h
match.taboola.com/sg/mediamath-ssp-network/1/ Frame 743E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f0...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f00-9d8f-d9dd809ba679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418108.979857,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418108.949428,VS0,VE8
location
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=c33c5df6-2f72-4f00-9d8f-d9dd809ba679&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dc33c5df6-2f72-4f00-9d8f-d9dd809ba679
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
35702
tags.bluekai.com/site/ Frame 743E 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-109-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
X-N
S
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
c3e7
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cm
trc.taboola.com/sg/neustar/1/ Frame 743E
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164920803270000747262
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164920803270000747262
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.709103,VS0,VE8
x-cache
MISS
status
200
cache-control
no-cache, no-store
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
server
AAWebServer
location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164920803270000747262
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
32441
i.liadm.com/s/ Frame 743E
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=fa6a289a032041ef8cc1374c1f5e7cc6
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=fa6a289a032041ef8cc1374c1f5e7cc6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.181.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-181-188.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_li_chk=true&previous_uuid=fa6a289a032041ef8cc1374c1f5e7cc6
Date
Sun, 15 Dec 2019 13:55:08 GMT
Connection
keep-alive
Content-Length
0
getuidnb
ib.adnxs.com/ Frame 743E 		43 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:10 GMT
AN-X-Request-Uuid
d3a08640-eb12-4626-b63a-d60e1a6abb85
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
395886.gif
idsync.rlcdn.com/ Frame 743E
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
42 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
184
Expires
0,Mon, 16 Dec 2019 08:55:08 GMT
getuidnb
ib.adnxs.com/ Frame 743E 		43 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:10 GMT
AN-X-Request-Uuid
47c39a54-176b-4ad4-bd0a-bfe5c90a055b
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
load77.exelator.com/ Frame 743E
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.29 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
185.59.220.20
x-age
69510
accept-ranges
bytes
content-length
43

Redirect headers

date
Sun, 15 Dec 2019 13:55:08 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
cookiesync
bttrack.com/pixel/ Frame 743E 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame 743E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1041527796500657537&expires=30&ssp=taboola
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a4...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418108.585174,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418108.550493,VS0,VE9
location
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
userx.20191210-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 6772 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
i.RK1kIUI9S9zRzDw1ebq6IcFQWTGSeE
content-encoding
gzip
age
120
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:08 GMT
x-amz-replication-status
COMPLETED
content-length
7712
x-amz-id-2
Xl8rUrNEW0E+CTbqhbHKqDC3B5sXblDnfPbRkSHXnzBdWyhyz70/D/R785aP4U9j76D5D0EYZgk=
x-served-by
cache-fra19124-FRA
last-modified
Tue, 10 Dec 2019 14:05:59 GMT
server
AmazonS3
x-timer
S1576418108.308880,VS0,VE0
etag
"016744570c686c929dfdbaae15fb0a24"
vary
Accept-Encoding
x-amz-request-id
993A988E4EAFDA1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
34
x-cache-hits
1
rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame 743E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418108.389884,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
//trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
Date
Sun, 15 Dec 2019 13:55:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 743E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 743E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qa08TFmQ6nKQ&ev=1&pid=562107
0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qa08TFmQ6nKQ&ev=1&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418108.406885,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
0
X-Served-By
cache-hhn4044-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=qa08TFmQ6nKQ&ev=1&pid=562107
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
text/plain; charset=utf-8
Cw-Server
bh-deployment-stage-0
X-Cache-Hits
0
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 743E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.388682,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:06 GMT, Sun, 15 Dec 2019 13:55:06 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtb-h
match.taboola.com/sg/google-network/1/ Frame 743E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&google_cver=1
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26goo...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.431027,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.399177,VS0,VE8
location
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame 743E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.432526,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.401603,VS0,VE8
location
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
rtb-h
match.taboola.com/sg/storygize-network/1/ Frame 743E
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e...
0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e50-bddc21ca5f3a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.595133,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.563477,VS0,VE8
location
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e50-bddc21ca5f3a
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
/
cds.taboola.com/ Frame 743E 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_r=8558374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:09 GMT
cache-control
no-store
x-envoy-upstream-service-time
1
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 6772 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.373723,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
linda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/ Frame 6772 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish, 1.1 varnish
age
2331412
edge-cache-tag
564825010614998444317980558177263805493,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 12 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
content-length
15042
x-served-by
cache-fra19174-FRA, cache-fra19124-FRA
last-modified
Mon, 11 Nov 2019 11:30:49 GMT
server
cloudinary
x-timer
S1576418108.421891,VS0,VE0
etag
"857c3ef4197a93ec57988893f7e1220e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3
c9dd5322c16640ed60fa1a1742aae09c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 6772 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish, 1.1 varnish
age
1910930
edge-cache-tag
351582715293950596603723956480953487256,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 07 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
content-length
11894
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Wed, 06 Nov 2019 04:32:21 GMT
server
cloudinary
x-timer
S1576418108.439749,VS0,VE0
etag
"02473ce07b6a9869e66ac3fa98186b55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3
03fb3955c5c25885c038fc2ef5d7014e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 6772 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish, 1.1 varnish
age
1222331
edge-cache-tag
577632525504445767236670537902212649522,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
content-length
38943
x-served-by
cache-fra19131-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 23:22:11 GMT
server
cloudinary
x-timer
S1576418108.445556,VS0,VE0
etag
"b0b511705a07fc681e3c036915193ba2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3
tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame B1FB
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
49 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.27 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-172-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:08 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.15.239
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:08 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Cache-Control
no-cache
X-Server
10.45.18.182
Connection
keep-alive
Content-Length
0
Expires
0
rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame B1FB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.501228,VS0,VE8
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
//trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=749bf7d6-c568-4a85-8c63-93ae5047781a
Date
Sun, 15 Dec 2019 13:55:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame B1FB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame B1FB
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=ln20WQhw4jVmA-vE6XR5AG9NKsxKhIQryFDy4bgu3hc%3D
45 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=ln20WQhw4jVmA-vE6XR5AG9NKsxKhIQryFDy4bgu3hc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418111.324416,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=ln20WQhw4jVmA-vE6XR5AG9NKsxKhIQryFDy4bgu3hc%3D
Date
Sun, 15 Dec 2019 13:55:11 GMT
Server
nginx
Connection
close
Etag
"ln20WQhw4jVmA-vE6XR5AG9NKsxKhIQryFDy4bgu3hc="
Content-Length
0
rtb-h
match.taboola.com/sg/mediamath-ssp-network/1/ Frame B1FB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=f6da5df6-3218-4a00-8f08-880a150a2675
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=f6da5df6-3218-4a00-8f08-880a150a2675
  • https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f6da5df6-3218-4a00-8f08-880a150a2675&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Df6da5df6-3218-4a0...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f6da5df6-3218-4a00-8f08-880a150a2675&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Df6da5df6-3218-4a00-8f08-880a150a2675
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.606302,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.575425,VS0,VE9
location
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f6da5df6-3218-4a00-8f08-880a150a2675&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Df6da5df6-3218-4a00-8f08-880a150a2675
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame B1FB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=D6bDGW9mdRwa&ev=1&pid=562107
0
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=D6bDGW9mdRwa&ev=1&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.094940,VS0,VE15
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Date
Sun, 15 Dec 2019 13:55:09 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
0
X-Served-By
cache-hhn4044-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=D6bDGW9mdRwa&ev=1&pid=562107
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
text/plain; charset=utf-8
Cw-Server
bh-deployment-stage-0
X-Cache-Hits
0
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame B1FB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.399551,VS0,VE9
x-served-by
cache-fra19157-FRA
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:06 GMT, Sun, 15 Dec 2019 13:55:06 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=8GI1xF0aNZ39y8WGQdUH&pi=taboola
expires
Thu, 01 Jan 1970 00:00:00 GMT
35702
tags.bluekai.com/site/ Frame B1FB 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-109-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
X-N
S
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
4d8a
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cm
trc.taboola.com/sg/neustar/1/ Frame B1FB
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164890803270000746682
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164890803270000746682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.709114,VS0,VE8
x-cache
MISS
status
200
cache-control
no-cache, no-store
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
server
AAWebServer
location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164890803270000746682
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
32441
i.liadm.com/s/ Frame B1FB 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.181.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-181-188.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:08 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
getuidnb
ib.adnxs.com/ Frame B1FB 		43 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:10 GMT
AN-X-Request-Uuid
97e94be6-9f5b-4e67-bcc5-e7dbeb2aa744
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
395886.gif
idsync.rlcdn.com/ Frame B1FB
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:07 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://idsync.rlcdn.com/395886.gif?partner_uid=3606766354169856021
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
184
Expires
0,Mon, 16 Dec 2019 08:55:08 GMT
rtb-h
match.taboola.com/sg/google-network/1/ Frame B1FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&google_cver=1
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26goo...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.443834,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.412912,VS0,VE8
location
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEDNfuvMuR_18m5HRk0eVMFo&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3DCAESEDNfuvMuR_18m5HRk0eVMFo%26google_cver%3D1
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
getuidnb
ib.adnxs.com/ Frame B1FB 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:10 GMT
AN-X-Request-Uuid
d5891185-94c1-4525-b583-5f1aeb268eb7
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.77:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame B1FB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.447811,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
8
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418106.417345,VS0,VE8
location
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=fbf73039-1e82-4e81-9ae0-3bf72c706d75&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3Dfbf73039-1e82-4e81-9ae0-3bf72c706d75
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
rtb-h
match.taboola.com/sg/storygize-network/1/ Frame B1FB
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a
  • https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e50-bddc21ca5f3a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.959040,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
12
date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418109.925438,VS0,VE12
location
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=25832df7-0734-4830-9e50-bddc21ca5f3a&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D25832df7-0734-4830-9e50-bddc21ca5f3a
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
pixel.gif
load77.exelator.com/ Frame B1FB
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9
  • https://load77.exelator.com/pixel.gif
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.29 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
185.59.220.20
x-age
69510
accept-ranges
bytes
content-length
43

Redirect headers

date
Sun, 15 Dec 2019 13:55:08 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
cookiesync
bttrack.com/pixel/ Frame B1FB 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Sun, 15 Dec 2019 13:55:08 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame B1FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://dm.hybrid.ai/bidswitch-match?ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=258&user_id=8704ac38305b7b56764f&expires=30&ssp=taboola
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7
  • https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a4...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.675380,VS0,VE8
x-served-by
cache-hhn4044-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-vcl-time-ms
9
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1576418107.639437,VS0,VE9
location
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=576580db-d490-41fc-a49e-98abb96186c7&tbid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&query=taboola_hm%3D576580db-d490-41fc-a49e-98abb96186c7
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
userx.20191210-11-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 51B7 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
i.RK1kIUI9S9zRzDw1ebq6IcFQWTGSeE
content-encoding
gzip
age
121
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:08 GMT
x-amz-replication-status
COMPLETED
content-length
7712
x-amz-id-2
Xl8rUrNEW0E+CTbqhbHKqDC3B5sXblDnfPbRkSHXnzBdWyhyz70/D/R785aP4U9j76D5D0EYZgk=
x-served-by
cache-fra19124-FRA
last-modified
Tue, 10 Dec 2019 14:05:59 GMT
server
AmazonS3
x-timer
S1576418109.816918,VS0,VE0
etag
"016744570c686c929dfdbaae15fb0a24"
vary
Accept-Encoding
x-amz-request-id
993A988E4EAFDA1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
34
x-cache-hits
2
/
cds.taboola.com/ Frame B1FB 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=3c06884b-436f-4017-bd1d-a9c09af92e9e-tuct4efc0b9&_r=598279
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 13:55:09 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 51B7 		0
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Sun, 15 Dec 2019 13:55:06 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418106.391175,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
linda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/ Frame 51B7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish, 1.1 varnish
age
2331413
edge-cache-tag
564825010614998444317980558177263805493,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 12 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
content-length
15042
x-served-by
cache-fra19174-FRA, cache-fra19124-FRA
last-modified
Mon, 11 Nov 2019 11:30:49 GMT
server
cloudinary
x-timer
S1576418109.831637,VS0,VE0
etag
"857c3ef4197a93ec57988893f7e1220e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4
c9dd5322c16640ed60fa1a1742aae09c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 51B7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish, 1.1 varnish
age
1910931
edge-cache-tag
351582715293950596603723956480953487256,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 07 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
content-length
11894
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Wed, 06 Nov 2019 04:32:21 GMT
server
cloudinary
x-timer
S1576418109.840373,VS0,VE0
etag
"02473ce07b6a9869e66ac3fa98186b55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4
03fb3955c5c25885c038fc2ef5d7014e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 51B7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 varnish, 1.1 varnish
age
1222332
edge-cache-tag
577632525504445767236670537902212649522,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
content-length
38943
x-served-by
cache-fra19131-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 23:22:11 GMT
server
cloudinary
x-timer
S1576418109.856177,VS0,VE0
etag
"b0b511705a07fc681e3c036915193ba2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4
sd
us-u.openx.net/w/1.0/ Frame EE95
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHB81AccF4Wo5MB_q5J5RGE&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHB81AccF4Wo5MB_q5J5RGE&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 google
server
OXGW/16.171.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHB81AccF4Wo5MB_q5J5RGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3920
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHeFMHpi8RdjwPsCxNIDcS4&google_cver=1
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHeFMHpi8RdjwPsCxNIDcS4&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 google
server
OXGW/16.171.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHeFMHpi8RdjwPsCxNIDcS4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DD0C
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB76TuhhDS5hiSqXH7VTkCM&google_cver=1
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB76TuhhDS5hiSqXH7VTkCM&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 google
server
OXGW/16.171.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB76TuhhDS5hiSqXH7VTkCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CD7F
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGR0KxBgM3WbQ9kQO_S6A14&google_cver=1
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGR0KxBgM3WbQ9kQO_S6A14&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 google
server
OXGW/16.171.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGR0KxBgM3WbQ9kQO_S6A14&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame C5E6
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.118.177 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-118-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70

Redirect headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 google
server
OXGW/16.171.0
location
https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
ads
securepubads.g.doubleclick.net/gampad/ Frame 8B6C 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3692605879327296&correlator=4053862347806897&output=ldjh&impl=fif&adsid=NT&eid=21062832&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu=%2F27794161%2Fgazetaexpress.com_Web_300x250_1&sz=300x250&scp=refurl%3Dgazetaexpress.com%26floor_group%3Dctrl_group%26hour%3D13%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&cdm=www.gazetaexpress.com&bc=31&abxe=1&lmt=1576418106&dt=1576418106640&dlt=1576418102031&idt=4602&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adx=691&ady=49&adk=562667231&uci=pcczelbuslfx&ifi=1&ifk=1308017813&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=16&icsg=32938&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x600&msz=300x-1&ga_vid=1220366017.1576418107&ga_sid=1576418107&ga_hid=77629897&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
147cb225d460ca845e6ff19c265f5dd53ed98422be5bde91995aa326cacc4752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2422
x-xss-protection
0
google-lineitem-id
5160929221
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138286292524
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ Frame 8B6C 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8B6C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame 8B6C 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3692605879327296&correlator=4053862347806897&output=ldjh&impl=fif&adsid=NT&eid=21062832&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu=%2F27794161%2Fgazetaexpress.com_Web_300x250_2&sz=300x250&scp=refurl%3Dgazetaexpress.com%26floor_group%3Dctrl_group%26hour%3D13%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&cdm=www.gazetaexpress.com&bc=31&abxe=1&lmt=1576418106&dt=1576418106644&dlt=1576418102031&idt=4602&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adx=691&ady=349&adk=3995190089&uci=vfude5imcu3v&ifi=2&ifk=1308017813&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=17&icsg=164010&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x600&msz=300x-1&ga_vid=1220366017.1576418107&ga_sid=1576418107&ga_hid=77629897&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0a7d0280d6a6eea65f283503784dcab7c53572f957a0eaff45943963c7582c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2405
x-xss-protection
0
google-lineitem-id
5160929221
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294398692
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8A1C 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=59061882146271&correlator=2576337564423766&output=ldjh&impl=fif&adsid=NT&eid=21062833&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu=%2F27794161%2Fgazetaexpress.com_Web_300x250_1&sz=300x250&scp=refurl%3Dgazetaexpress.com%26floor_group%3Dctrl_group%26hour%3D13%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&cdm=www.gazetaexpress.com&bc=31&abxe=1&lmt=1576418106&dt=1576418106655&dlt=1576418102027&idt=4621&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adx=1150&ady=225&adk=562667231&uci=fiyndcqh5b74&ifi=1&ifk=4031186281&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=16&icsg=32938&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=300x-1&ga_vid=1675521692.1576418107&ga_sid=1576418107&ga_hid=1248712856&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
45dc155d7dd20e88d56161ccc2252810f657aba8c40746245bbab60da9ef7b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2449
x-xss-protection
0
google-lineitem-id
5160929221
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294090393
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ Frame 8A1C 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8A1C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame 8A1C 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=59061882146271&correlator=2576337564423766&output=ldjh&impl=fif&adsid=NT&eid=21062833&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu=%2F27794161%2Fgazetaexpress.com_Web_300x250_2&sz=300x250&scp=refurl%3Dgazetaexpress.com%26floor_group%3Dctrl_group%26hour%3D13%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&cdm=www.gazetaexpress.com&bc=31&abxe=1&lmt=1576418106&dt=1576418106660&dlt=1576418102027&idt=4621&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adx=1080&ady=525&adk=3995190089&uci=hcsnje1x2spf&ifi=2&ifk=4031186281&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=17&icsg=164010&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=300x-1&ga_vid=1675521692.1576418107&ga_sid=1576418107&ga_hid=1248712856&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
5565d8fbde0371e6c443df22c0d3234796fa502e8628a6d0337d4d3bca302a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2403
x-xss-protection
0
google-lineitem-id
5160929221
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294398692
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame BBB2 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4363021753822118&correlator=623422124181661&output=ldjh&impl=fif&adsid=NT&eid=21062889&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu=%2F27794161%2Fgazetaexpress.com_Web_300x250_1&sz=300x250&scp=refurl%3Dgazetaexpress.com%26floor_group%3Dctrl_group%26hour%3D13%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&cdm=www.gazetaexpress.com&bc=31&abxe=1&lmt=1576418106&dt=1576418106671&dlt=1576418102022&idt=4644&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adx=150&ady=225&adk=562667231&uci=2jeu2ntu4960&ifi=1&ifk=1321351415&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=16&icsg=32938&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=300x-1&ga_vid=1740216151.1576418107&ga_sid=1576418107&ga_hid=1510012346&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
b8d14566f654e1ef9fbc1eee065f207c8a1a65cb8cc36ec3959e96cdf2a8f7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3230
x-xss-protection
0
google-lineitem-id
5160929221
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138286292212
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ Frame BBB2 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BBB2 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame BBB2 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4363021753822118&correlator=623422124181661&output=ldjh&impl=fif&adsid=NT&eid=21062889&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191215&iu=%2F27794161%2Fgazetaexpress.com_Web_300x250_2&sz=300x250&scp=refurl%3Dgazetaexpress.com%26floor_group%3Dctrl_group%26hour%3D13%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&cdm=www.gazetaexpress.com&bc=31&abxe=1&lmt=1576418106&dt=1576418106676&dlt=1576418102022&idt=4644&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adx=80&ady=525&adk=3995190089&uci=p0wudnjd2hm4&ifi=2&ifk=1321351415&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=17&icsg=164010&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=300x-1&ga_vid=1740216151.1576418107&ga_sid=1576418107&ga_hid=1510012346&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
6369eee7781e96bdfc8b8fb3d8cafa3b2e00fe1878d62d6e92a7882a58472b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2415
x-xss-protection
0
google-lineitem-id
5160929221
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294398692
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame B448
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
  • https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.118.177 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-118-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70

Redirect headers

date
Sun, 15 Dec 2019 13:55:08 GMT
via
1.1 google
server
OXGW/16.171.0
location
https://match.adsrvr.org/track/cmf/openx?oxid=dfd1670e-4729-3118-4630-a56aa82dc1d2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B6C 		0
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3692605879327296&r=300x250&w=300&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8745 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNArvaFQ5Mw-MF4dlyaCfO8bkbwXgnkaa4vWC4kbyjCt2Wk5YoQ2-svqtMC-wydw8MnM_-luYDZ0Iz3kCN9Vhb0AIur2IErjRLVXVXpTrPQGvhncDv4XeCoND5NKNBt8gUEl0n3ghOzbaDXtZ30kXUFY4SEEuBAb__5qDdUmDZ-K6ZZcI06eCTiBqKf90R-lbI12YSOoa2FqffNrjc3qXht_xwsH5JNEYQWhzXOE_0bH4Z3QJaGKOhWQUwVMlwQ1AI2rQqeieGz5cO6J7Fpdh8FvFhEBGyFkN8ud7F&sig=Cg0ArKJSzKuGlQWEjQCREAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8745 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame 8745 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7Yb1lgEQARgBMginzBoRNrzgRg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
353cb80b6329eafa244b4a723090f422c14ec61c5a44e999843aa30748ed33dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 10 Dec 2019 15:24:05 GMT
x-content-type-options
nosniff
server
cafe
age
426661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39730
x-xss-protection
0
expires
Tue, 17 Dec 2019 15:24:05 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8B6C 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AE91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4vQQsyDiyfNYSBTfit7OMmBoHCIs3w5Jw25oIB8k3S6v3I1RcFiRKGW49FzBs1hPanYgAwE6YOB9hKSzEpI4w2DBCKVw_jt4QiinduL1hDaYqCnX7UFa0Z8QIyoYTWH43NQAFgbnsRV60imBkgcj_qxc_OnfGpbVojqRbzFsQD09D41KZWh37Ze6bzoJCs1UV31x18qYFZix2_-Rrf71XJZu0IDPuVho_tnutDhfFDxqI69C1nCprK42Msfz-djlvqKv6613-fUtDoRuQuincoCNDRzF-azFN12ji&sig=Cg0ArKJSzAEdJnxYByWoEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame AE91 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame AE91 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7aahtAEQARgBMgjXDi0KeZe8gg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Dec 2019 11:23:05 GMT
x-content-type-options
nosniff
server
cafe
age
268321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33958
x-xss-protection
0
expires
Thu, 19 Dec 2019 11:23:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3B47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw7w7Z1hkTrAbpx1awabvu8U0ETUUgiu1AGjehOd-kJCl7rElIxHJLmTpxIENElvNn_iE_Knpl0zkPauiZsfOehzw5Ul18cw8HhiUnGR6dyUGMGcbV-dKfxN2t_ihVUHZNutcn1vc9fWSBJzLXSzw52T1ysN8pY1hkgQd__Hz6Sat-A0Lh9PIEiBo_9tqj_wp24GsmafF3ekgRam2CfNSrWh0WXgfQus4f4cOHupSWRleiJ5yHC1v2fQAxTQaV4-O-kkpMgTLGK5FUgyWOqyNWFSBchvkig9ke5b1V&sig=Cg0ArKJSzA3w8_C7ACLWEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
imgad
tpc.googlesyndication.com/pagead/ Frame 3B47 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7Yb1lgEQARgBMginzBoRNrzgRg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
353cb80b6329eafa244b4a723090f422c14ec61c5a44e999843aa30748ed33dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 10 Dec 2019 15:24:05 GMT
x-content-type-options
nosniff
server
cafe
age
426661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39730
x-xss-protection
0
expires
Tue, 17 Dec 2019 15:24:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 3B47 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8A1C 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4DFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFkFJRTmB_EB401g2D7cKiMrogjVttbhZiwuy5mOqMYpg8dF_IxQ7RO0WLOj4TyuHjefJ2k3w1rpBcxO9sARkcy6Ts2Pgp8R5GYe3MQHf5u8VMJsNbWtYXZeDhv_isQ9DHPMICYD98Rf8FMFz6fawhk2FVhsHGZR503kTOs5YUqT_rK_ip7mkw4yGpEKRy70EJyw95ilV2-OK7Wk_xKgSwWEik84W00lTojQrWNgv-8JwBYlQ3texV-jhLgHj2RannCCeual73XL086Y26NGx4azXr8ucwPolaqIOL&sig=Cg0ArKJSzGnllRot4W9YEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
imgad
tpc.googlesyndication.com/pagead/ Frame 4DFB 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7aahtAEQARgBMgjXDi0KeZe8gg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Dec 2019 11:23:05 GMT
x-content-type-options
nosniff
server
cafe
age
268321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33958
x-xss-protection
0
expires
Thu, 19 Dec 2019 11:23:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4DFB 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame BBB2 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D103 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYhyVTzVcvtH1dC7digBXKIDBzYxkLvwXI8fZc_7IcbOLdfb67GESAS-RYGh141z6cPUjEtKVebWrcMoOVzfdHTnGXD45GiZaOVSyI5UIcw02elRcauFjEiN-0uZKL_nr9AmPpYwhqPNd4xplZKmMfNzIMDyNIUWuZLKEjhmSqnZeSho0_stFEKS7bCdl5U2RtQmFZQmKA6UAI34pQkZCSZYyrcZBwsc7i2CETaNzAlRJnxE1ZYIZQlgMdw54X7DnnPHUMuZUuHFtG4pGIVry2BV5g3tYg5HInvbTm&sig=Cg0ArKJSzP9mjSJ3sMvwEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
imgad
tpc.googlesyndication.com/pagead/ Frame D103 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7aahtAEQARgBMgjXDi0KeZe8gg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Dec 2019 11:23:05 GMT
x-content-type-options
nosniff
server
cafe
age
268321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33958
x-xss-protection
0
expires
Thu, 19 Dec 2019 11:23:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame D103 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B668 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCS6na8Fc8gKXItJGDGmOCAMSihV84tYAkTTfCVZbT-M-TnKkcmS1ImzIl3SVnK2UBw7jHBj-XxXZ28YNuWiJ-Wt6zKJdJc83o2CzgULfSvlIS_Ogci-DsX5nE1lSrD6yoTinGi-0aPNhthmsHhr2Idqal03S5xiBFbLOpG9udF1KUC4S1HFoR4sR7ybKyfJ652nLM02e3f9a07NXJU2UfiP5Es3nsuoR32zJ7YemXE4l9xy9tfOFYoS7k939IodLHh931gvAyVaJqNyMggmQ6T_9-cAvu9ik9aWWA&sig=Cg0ArKJSzFPkJ4vFUrX8EAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 Dec 2019 13:55:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
imgad
tpc.googlesyndication.com/pagead/ Frame B668 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7aahtAEQARgBMgjXDi0KeZe8gg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Dec 2019 11:23:05 GMT
x-content-type-options
nosniff
server
cafe
age
268321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33958
x-xss-protection
0
expires
Thu, 19 Dec 2019 11:23:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B668 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Sun, 15 Dec 2019 13:55:06 GMT
truncated
/ Frame 8745 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eb2a3739d4a6ccd168f5b936df5da7c8eb064bea8d11ac71b6fc67ecca5e115

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AE91 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e45e133f84a011e19c0afac934c4efe5270cce192405414ab112500d71d51ac8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3B47 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c9951caf0fda85d0fc4218e1cf4cd5ff686bcefcfc4b853649260528644375

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4DFB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4165c20cc24e4c7634e315b4f516b3d08dfffe206b505b6e1a5abe41588b21b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D103 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0444ac319cc4f0d5c7a75e008c430c016ec36846ed9e8e8dfd0af896599390c4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B668 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9f3502b9a446bc310bd2d33ffa73b54c2d03c94d1d7d9be62e5995297e083f1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame B668 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1c805bc236ef2efe999e3d29d8664ab4234308a1b4b83288fcf6e5330ff640bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1265
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19307
x-xss-protection
0
server
cafe
etag
7977128950854206969
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 15 Dec 2019 14:34:01 GMT
csi
csi.gstatic.com/ Frame B668 		0
304 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k472n023&chm=1&ctx=2&gqid=Ojv2XeSbKuON7_UPw9KB2AE&qqid=CInjkYrnt-YCFURM5QodKIALXg&met.4=fb.2~lb.2b~ol.2c~idt.3i5~dt.-2v&met.3=197.29~123.29_2~117.2c~118.2d~118.2d~118.2i~118.2i~118.2l~113.3a_2~112.39_3&met.1=1.k472mzyu~14.0~15.0~16.0~17.0~18.0~19.0~20.2c~21.2c~22.16~23.16&met.7=CAQQBhgBIAMoAzAPOA1oA3AMePOJAoABpokCiAGmiQKwAQG4AQM~CCoQChgBIAMoAzAtOCo~CCgQChgBIFsoWzByOBdoW3BxeJ6YAYAB65YBiAH3iQOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400a:808::2003 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/ Frame 3490 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
2331411
edge-cache-tag
564825010614998444317980558177263805493,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 12 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
content-length
15042
x-served-by
cache-fra19174-FRA, cache-fra19124-FRA
last-modified
Mon, 11 Nov 2019 11:30:49 GMT
server
cloudinary
x-timer
S1576418107.306263,VS0,VE0
etag
"857c3ef4197a93ec57988893f7e1220e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2
03fb3955c5c25885c038fc2ef5d7014e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3490 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1222330
edge-cache-tag
577632525504445767236670537902212649522,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
content-length
38943
x-served-by
cache-fra19131-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 23:22:11 GMT
server
cloudinary
x-timer
S1576418107.346550,VS0,VE0
etag
"b0b511705a07fc681e3c036915193ba2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
c9dd5322c16640ed60fa1a1742aae09c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3490 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish, 1.1 varnish
age
1910929
edge-cache-tag
351582715293950596603723956480953487256,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 07 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
content-length
11894
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Wed, 06 Nov 2019 04:32:21 GMT
server
cloudinary
x-timer
S1576418107.364655,VS0,VE0
etag
"02473ce07b6a9869e66ac3fa98186b55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2
visible
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 6772 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191210-11-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
date
Sun, 15 Dec 2019 13:55:07 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19157-FRA
pragma
no-cache
server
nginx
x-timer
S1576418107.376062,VS0,VE11
content-type
image/gif
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame CC48 		254 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
age
7343
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:07 GMT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1576418108.774853,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
34
x-cache-hits
9482
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 3490 		254 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20191210-11-RELEASE.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
age
7343
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:07 GMT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1576418108.793705,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
34
x-cache-hits
9483
activeview
pagead2.googlesyndication.com/pcs/ Frame D103 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5eXZ4mfptiEmj77jy7hPzd2laPewCf4NlSa-ewuUOqTZQJKxCTAYhPEcTtOKZlYLKWr2BEwLLx2YhpI6G-z5LcDltb72xrcKqiEJNIQg&sig=Cg0ArKJSzDbZ8yDyVAbSEAE&adk=3995190089&tt=-1&bs=1600%2C1200&mtos=0,0,1024,1024,1024&tos=0,0,1024,0,0&p=0,0,250,300&mcvt=1024&rs=0&ht=0&tfs=103&tls=1127&mc=0.53&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1576418106771&dlt&rpt=79&isd=0&msd&ext&imams=1&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-12-2-11-11-0-0-0&tvt=1127&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B668 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu25AfukenqexcW5iHEsq6NWPGtcqXzJyahY6SZNv1BjSeywyq9-YXxWhe2F1QtI85NQdaCqpBFZS_FaGlSWnQieYOrbZ5Jy2vlhmdl_l0&sig=Cg0ArKJSzKGfswkQMheWEAE&adk=562667231&tt=-1&bs=1600%2C1200&mtos=0,0,1019,1019,1019&tos=0,0,1019,0,0&p=0,0,250,300&mcvt=1019&rs=0&ht=0&tfs=103&tls=1122&mc=0.53&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1576418106777&dlt&rpt=80&isd=0&msd&ext&imams=1&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-12-3-11-11-0-0-0&tvt=1120&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B47 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttlX1jNqvnE67mrAk9WsuQz3apmLK_rwaQQOyW7RLwGtAAOdx-Hk1VsvNSjYbfIaPn2YxBIK7uCqgmT_8xfyhZ6mvT0Pd1AiqZZp-VMXs&sig=Cg0ArKJSzGJlXGFz3sW_EAE&adk=562667231&tt=-1&bs=1600%2C1200&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&p=0,0,250,300&sbeos=0&mcvt=1013&rs=0&ht=0&tfs=205&tls=1218&mc=0.53&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1576418106754&dlt&rpt=78&isd=0&msd&ext&imams=1&phel=1&phell=1&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-13-3-12-12-0-0-0&tvt=1217&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DFB 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshoju8EN-KP9vgkYrmzAYCStxxJXOenTQCm645xj_uFXnaFeM12Qh-F0aOtYcw5bxP3zSmMgwBILkM2MduMhDVo5QpeG4IunypLgqQN9w&sig=Cg0ArKJSzJX66VIc_MjoEAE&adk=3995190089&tt=-1&bs=1600%2C1200&mtos=0,0,1024,1024,1024&tos=0,0,1024,0,0&p=0,0,250,300&mcvt=1024&rs=0&ht=0&tfs=204&tls=1228&mc=0.53&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1576418106759&dlt&rpt=85&isd=0&msd&ext&imams=1&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-13-2-12-12-0-0-0&tvt=1227&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 6772 		254 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
age
7344
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:08 GMT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1576418108.340534,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
34
x-cache-hits
9485
linda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/ Frame 6772 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish, 1.1 varnish
age
2331413
edge-cache-tag
564825010614998444317980558177263805493,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 12 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
content-length
15042
x-served-by
cache-fra19174-FRA, cache-fra19124-FRA
last-modified
Mon, 11 Nov 2019 11:30:49 GMT
server
cloudinary
x-timer
S1576418109.016541,VS0,VE0
etag
"857c3ef4197a93ec57988893f7e1220e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 5
c9dd5322c16640ed60fa1a1742aae09c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 6772 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish, 1.1 varnish
age
1910931
edge-cache-tag
351582715293950596603723956480953487256,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 07 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
content-length
11894
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Wed, 06 Nov 2019 04:32:21 GMT
server
cloudinary
x-timer
S1576418109.041342,VS0,VE0
etag
"02473ce07b6a9869e66ac3fa98186b55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 5
03fb3955c5c25885c038fc2ef5d7014e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 6772 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish, 1.1 varnish
age
1222332
edge-cache-tag
577632525504445767236670537902212649522,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
content-length
38943
x-served-by
cache-fra19131-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 23:22:11 GMT
server
cloudinary
x-timer
S1576418109.046996,VS0,VE0
etag
"b0b511705a07fc681e3c036915193ba2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 5
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 51B7 		254 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
age
7344
x-cache
HIT
status
200
date
Sun, 15 Dec 2019 13:55:08 GMT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1576418109.846052,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
34
x-cache-hits
9486
linda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/ Frame 51B7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish, 1.1 varnish
age
2331413
edge-cache-tag
564825010614998444317980558177263805493,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 12 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//tvtrendnow.com/uploads/25330/linda.jpg
content-length
15042
x-served-by
cache-fra19174-FRA, cache-fra19124-FRA
last-modified
Mon, 11 Nov 2019 11:30:49 GMT
server
cloudinary
x-timer
S1576418109.050657,VS0,VE0
etag
"857c3ef4197a93ec57988893f7e1220e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6
c9dd5322c16640ed60fa1a1742aae09c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 51B7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish, 1.1 varnish
age
1910931
edge-cache-tag
351582715293950596603723956480953487256,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 07 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9dd5322c16640ed60fa1a1742aae09c.png
content-length
11894
x-served-by
cache-fra19177-FRA, cache-fra19124-FRA
last-modified
Wed, 06 Nov 2019 04:32:21 GMT
server
cloudinary
x-timer
S1576418109.062080,VS0,VE0
etag
"02473ce07b6a9869e66ac3fa98186b55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6
03fb3955c5c25885c038fc2ef5d7014e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 51B7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 13:55:09 GMT
via
1.1 varnish, 1.1 varnish
age
1222332
edge-cache-tag
577632525504445767236670537902212649522,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 30 Dec 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03fb3955c5c25885c038fc2ef5d7014e.jpg
content-length
38943
x-served-by
cache-fra19131-FRA, cache-fra19124-FRA
last-modified
Fri, 29 Nov 2019 23:22:11 GMT
server
cloudinary
x-timer
S1576418109.064916,VS0,VE0
etag
"b0b511705a07fc681e3c036915193ba2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 6
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1739626592&t=event&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_gid=1963582079.1576418099&gjid=770694033&_v=j79&z=387515010
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_v=j79&z=387515010
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_v=j79&z=387515010&slf_rd=1&random=3488275555
42 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_v=j79&z=387515010&slf_rd=1&random=3488275555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:13 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 13:55:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=579362629.1576418099&jid=1716500656&_v=j79&z=387515010&slf_rd=1&random=3488275555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=10&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=2d3fb5ed-1282-4f47-a6bc-d67ded475014&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1536445517688252
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=9&p_pos=atf&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=54a5046a-24c0-45e7-ac15-b25ee57f5b24&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.18860212464076076
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=76f56635-f129-4c6e-a087-fa09d4220494&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3028904621445778
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=c138def3-044b-4e01-b494-3df9922a7fcd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.36499561401868563
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=15&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=7e828b7d-d682-410a-b3c8-01e55552d67f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3042500452597503
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=15&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=960340a1-3b63-4a45-9fc7-c7d481b1ff4f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3983018944929475
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=9&p_pos=atf&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=0a6b6fb0-d975-47eb-b42c-58380a11ef5f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5230031823590842
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.37.0-pre&x_source.tid=25ab4a50-d9ef-43fb-a0f4-826e747a7a46&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.33049758736087353
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=47a100b9-aab2-4117-84a4-b1f169747e61&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7245122610673358
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=57&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=2526f556-a77c-48a2-921f-d39eae1a9bcb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.947558511857483
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=0fdebe5f-3b4c-42ca-8ce5-b45aa60e962d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5729007964828599
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=57&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=42606eaa-0246-474f-8715-8644deaebfbd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.20279895618577104
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378978&size_id=10&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=34960a39-a3c7-4367-9b9f-52b556e90ba8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.29050320300886745
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=57&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=ac5f7354-b4c4-40c3-bd4b-2810d4de7fd0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.29072065461844887
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=5e1cd46c-b68f-41cb-9e6c-b322a73e08c2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.37500448210093773
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771342&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=dad73d6f-b0ed-4518-ae74-e21a46fb18c4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2760780040241302
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22174f980e387e36f%22%3A%224c4c920a6cf262ee66db%7C300x250%22%2C%2218019bab97578bc%22%3A%224c4c920a6cf262ee66db%7C300x250%22%7D&ref=https%3A%2F%2Fwww.gazetaexpress.com%2F&s=f147d2e0-dbfc-4232-8ef6-462804f5309b&pv=45356e96-df0b-43b1-abb8-7bf8df2f097b&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=36cd10f4-61db-4300-a2da-495dae057e3c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.938970895407502
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771342&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=867c40b3-772c-4320-a828-c477c8d8f097&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6168226910136054
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228769616921ad1b%22%3A%224c4c920a6cf262ee66db%7C300x250%22%2C%2297c0eb9dc779ee%22%3A%224c4c920a6cf262ee66db%7C300x250%22%7D&ref=https%3A%2F%2Fwww.gazetaexpress.com%2F&s=62e3d1e3-ee3b-425c-91b0-35aada8c6e0c&pv=a3b2e068-69a9-4bcb-ad66-85433f61e41c&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=b3353b86-bb3a-4e1b-b7eb-15056ecb0dde&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9920435183098855
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771342&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=38a0f7b5-5046-4bd6-ae19-d2196f315e70&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.06383795471744791
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211f6d7e3161c7af%22%3A%224c4c920a6cf262ee66db%7C300x250%22%2C%2212677f6212052ed%22%3A%224c4c920a6cf262ee66db%7C300x250%22%7D&ref=https%3A%2F%2Fwww.gazetaexpress.com%2F&s=83aa666c-53ab-496b-9362-4a8a47f9fb96&pv=6407674e-738d-440f-a7bc-ba588340138b&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| biskoInitializer object| bisko object| gjdmp object| _atrk_opts function| $ function| jQuery function| documentInitOneSignal object| OneSignal string| reqCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| allowedCountry object| adUnits object| pbjs function| refreshBids function| initAdserver function| pbjsChunk object| __core-js_shared__ function| JSEncrypt object| Criteo object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| TWAGORAINARTICLE object| _oneSignalInitOptions number| google_srt undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id function| atrk boolean| _atrk_fired object| _qevents object| _fbq function| fbq object| bootstrap object| jQuery112405669792664327504 function| _ object| wp string| site_name function| P object| ProjectAgora object| validRules boolean| check number| max_priority number| x object| formats number| len number| temp number| selected_id object| teadsscript function| quantserve function| __qc object| ezt object| _qoptions function| __cmp boolean| done object| _sp_ object| teads string| txt function| postscribe number| google_unique_id object| criteo_pubtag function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired boolean| insticatorIframeLoaded object| ads_list object| embeds_list boolean| isPageviewSent function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| TRC number| taboola_view_id function| arrive function| unbindArrive function| leave function| unbindLeave

27 Cookies

Domain/Path Name / Value
.insticator.com/ Name: __cfduid
Value: df6307e0ca9fbd6df62bb7fb7a2a3bc441576418102
video.gjirafa.com/ Name: _mgTraffic
Value: B
.gjirafa.com/ Name: _fbp
Value: fb.1.1576418101356.1430194724
.gjirafa.com/ Name: _gat
Value: 1
.gjirafa.com/ Name: _ga
Value: GA1.2.1631907583.1576418101
www.gazetaexpress.com/ Name: UUID
Value: 7d07b0a0-1f42-11ea-81fc-02421eed0056
.gjirafa.com/ Name: _gid
Value: GA1.2.1290088955.1576418101
.gjirafa.com/ Name: __auc
Value: f7e412a616f09d7471148b30f0d
video.gjirafa.com/ Name: gjs
Value: ovh.gra2.win.web.14
.gjirafa.com/ Name: __gjci
Value: c3027e45f87148bc9d826d63a73347d6
.gazetaexpress.com/ Name: __cfduid
Value: deaba23e883999b8f9d1749a2dc52a5e51576418103
.gazetaexpress.com/ Name: _sp_enable_dfp_personalized_ads
Value: false
www.gazetaexpress.com/ Name: InstiSession
Value: {"id":"757057c7-d1d4-48e1-9b7b-8626f4fa00df","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}
www.gazetaexpress.com/ Name: _gat
Value: 1
.gjirafa.com/ Name: __cfduid
Value: d430da87cf7244563ee9ffb91e9e94a711576418100
www.gazetaexpress.com/ Name: consentUUID
Value: aabfc14e-f3e6-4f8a-8ce2-4c380ca5b6d1
www.gazetaexpress.com/ Name: _gid
Value: GA1.1.1579679536.1576418103
www.gazetaexpress.com/ Name: _ga
Value: GA1.1.556542942.1576418103
.video.gjirafa.com/ Name: _mgTraffic
Value: B
.gazetaexpress.com/ Name: __gads
Value: ID=6f5b1bed9e551c41:T=1576418101:S=ALNI_Mahr8WbbABXQmyS5mo_XZ-cSHDMow
www.gazetaexpress.com/ Name: visitorFloorTier
Value: 1
video.gjirafa.com/ Name: ASP.NET_SessionId
Value: b24xewmuprezvxvv1wbgk2mb
www.gazetaexpress.com/ Name: Insticator.geoBlockAds-859fcd69-b12d-4607-82e2-1c3a0600836a
Value: false
.facebook.com/ Name: fr
Value: 0pIFwjbnjas36pd6s..Bd9js1...1.0.Bd9js1.
.gjirafa.com/ Name: __asc
Value: f7e412a616f09d7471148b30f0d
www.gazetaexpress.com/ Name: visitorGeo
Value: DE
www.gazetaexpress.com/ Name: Insticator.geoBlockedEmbeds-859fcd69-b12d-4607-82e2-1c3a0600836a
Value: []

39 Console Messages

Source Level URL
Text
console-api log URL: https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
dom not ready, set up listener
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Prepare to load embed: 0d8571bb-31d1-4064-9f5d-3ce6b66e7580
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
dom not ready, set up listener
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Prepare to load embed: 0d8571bb-31d1-4064-9f5d-3ce6b66e7580
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
dom not ready, set up listener
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Prepare to load embed: 0d8571bb-31d1-4064-9f5d-3ce6b66e7580
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Send pageview now
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
pageview have been sent or scheduled
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
pageview have been sent or scheduled
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js(Line 1)
Message:
%s EMBED VERSION: 4.5.8.0
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js(Line 1)
Message:
%s EMBED VERSION: 4.5.8.0
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0d8571bb-31d1-4064-9f5d-3ce6b66e7580.js(Line 1)
Message:
%s EMBED VERSION: 4.5.8.0
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/859fcd69-b12d-4607-82e2-1c3a0600836a.js(Line 1)
Message:
formatedPageview: {"timestamp":"2019-12-15T13:55:02.114Z","user_data":{"session":{"id":"757057c7-d1d4-48e1-9b7b-8626f4fa00df","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"859fcd69-b12d-4607-82e2-1c3a0600836a","page_url":"https://www.gazetaexpress.com/"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"EMBED_AND_AD","ads":["div-insticator-ad-1","div-insticator-ad-2","div-insticator-ad-1","div-insticator-ad-2","div-insticator-ad-1","div-insticator-ad-2"],"embed":["0d8571bb-31d1-4064-9f5d-3ce6b66e7580","0d8571bb-31d1-4064-9f5d-3ce6b66e7580","0d8571bb-31d1-4064-9f5d-3ce6b66e7580"]}}}
console-api log (Line 6)
Message:
element .item-label-href arrived
console-api log (Line 6)
Message:
element .item-label-href arrived

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aa.agkn.com
ad.doubleclick.net
ads.projectagoraservices.com
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
aj1431.online
ams.creativecdn.com
an.facebook.com
ap.lijit.com
apex.go.sonobi.com
as-sec.casalemedia.com
b2c.insticator.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
cdn.onesignal.com
cdn.taboola.com
cds.taboola.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.insticator.com
connect.facebook.net
creativecdn.com
csi.gstatic.com
d2zv5rkii46miq.cloudfront.net
d31qbv1cthcecs.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dm.hybrid.ai
dmx.districtm.io
eu-u.openx.net
event.insticator.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gazetaexpress.com
geoip.insticator.com
gjstatic.blob.core.windows.net
hb.emxdgt.com
hbopenbid.pubmatic.com
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
images.taboola.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.taboola.com
message909.gazetaexpress.com
ml314.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prg.smartadserver.com
projectagora-d.openx.net
projectagora.net
projectagoralibs.com
px.adhigh.net
px.powerlinks.com
rtb.mfadsrvr.com
rules.quantcount.com
s2.adxpremium.services
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
sourcepoint.mgr.consensu.org
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
sync.teads.tv
t.teads.tv
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
twpasol.com
u.ipw.metadsp.co.uk
us-u.openx.net
use.fontawesome.com
video.gjirafa.com
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.storygize.net
www.summerhamster.com
x.bidswitch.net
apex.go.sonobi.com
fastlane.rubiconproject.com
ib.adnxs.com
104.16.68.69
104.26.0.156
104.28.0.182
104.28.1.182
104.74.100.205
13.35.253.113
13.79.176.48
136.243.75.32
141.226.224.32
143.204.213.153
143.204.214.3
147.75.102.200
151.101.112.166
151.101.114.49
151.101.13.44
151.101.14.2
172.217.16.130
178.250.0.165
178.250.2.130
18.185.163.33
18.194.103.60
18.196.104.43
185.184.8.30
185.29.135.42
185.31.128.129
185.33.223.208
185.59.220.29
185.64.189.112
185.86.139.96
192.132.33.46
2.18.232.7
208.88.224.28
216.52.2.30
216.58.205.226
216.58.205.230
23.111.9.35
23.210.248.12
23.210.249.164
23.5.109.152
2600:9000:2057:5a00:6:44e3:f8c0:93a1
2600:9000:2057:5e00:1c:386f:ec80:21
2600:9000:2057:7000:17:5578:e080:21
2600:9000:214f:5a00:10:3422:3f00:21
2606:4700:10::6814:180b
2606:4700:10::6814:190b
2606:4700:30::6818:6d7c
2606:4700:30::6818:7faa
2606:4700:30::681b:accd
2606:4700::6812:e234
2606:4700:e0::ac40:6b11
2606:4700:e0::ac40:6c13
2607:f8b0:400a:808::2003
2a00:1450:4001:800::2004
2a00:1450:4001:806::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:815::200e
2a00:1450:4001:817::2004
2a00:1450:4001:819::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:825::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9d
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.224.181.188
34.216.239.76
34.253.243.224
34.95.120.147
34.96.108.236
35.157.107.235
35.157.160.140
35.176.88.2
35.190.72.21
35.210.239.72
37.157.6.253
37.18.16.16
40.113.136.100
52.18.172.27
52.49.118.177
52.59.131.208
69.173.144.165
91.228.74.184
02757d53179a86b474d0a406b1eaaf1ff53cc755be7d5ba9586adafa8ec3a621
02bde81bad1ba866f85169f19970090ddf44163f6a7f66f9d12f46e69b911f57
04096f4650ad8700ccb70108993dc61536e5fd50bc7babe00a8119e5c21b519f
0444ac319cc4f0d5c7a75e008c430c016ec36846ed9e8e8dfd0af896599390c4
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0581f82c1691f5609769e3eb035f954a476282c010ab8eb0dcfcb027bd7814e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c340778f90af340b469a37d06a82535bd031fd4fdb859a20f08a6f42450585
09094e58f8654078d26bac3e0970b99066f9961e354c2f148708a6263bb7ff97
09df77701be4f66e6b0d88eace3249d3ac565d21a250ba22e1ab29e6c637eacd
09fb98a3ed180eefce986596a01b86e93190fc523c81e7a2147e35fff1536b42
0a7d0280d6a6eea65f283503784dcab7c53572f957a0eaff45943963c7582c91
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b249050c3964416cff2650eec9679d6e0a3ae824c143862abf2953a8fe87b73
0b6d81383ff606e5fa260578fae4466016aa3e61c9c391cf2210c9e8bf69ad9f
0c4c4de3d1d8d00b461709fe367b96b152eaeceeb77321de3aa20a8b406dafb5
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1140ea74da6758a4807ed0cc9c61b3d58e1bb97b7ea35aa6cba8ba5df2b9a9fb
1150565ceb8e330e6453bd8a8fb24bf2a3c26bb4737e55b317c5976e57e4d569
1194c1d29ca7cd11f79be59b08fdca876dbed47faf13c6932ec89e338c9c607a
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49
134b7f01e8d87365eab9206a86dcb7cc1aac7c567dea7a217b1cf155781f516f
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
147cb225d460ca845e6ff19c265f5dd53ed98422be5bde91995aa326cacc4752
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
15bc1e4f78e0c73695f46395bffb733b08b9b471850035d38493ff64019f3880
15d352e47cf7ece9aac753d94f1f6e8b4f91577062d5aa96b85e7a6154788947
176d3c8b71aa537fbcef7e96c86e907cca78a7cfcb1dd4be723741697dc070db
18c28e133e2a5ebb12ca61e98ffe8643e3a15d8fef7bedf704b454bf7b3190f2
19b17a969c9f4b7234b4f7ea4d8e3f293a3180f1948b3eb010f31e07b7711106
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1af75344a3c58703523ea517239fb2e61d94e90e3824a5751a873723103e2905
1b6e2e9877591145a545a7edd66198f42f0ee7fa00e7de84ceb83d8f501ce735
1c805bc236ef2efe999e3d29d8664ab4234308a1b4b83288fcf6e5330ff640bf
1d4b5ef1a4543911771f2502ceec0e9cbf6084e22ca25148a909daab5475e54a
1d7837f78e467a95e02d38524ccf385817de42e3174838364e0e299e0f035718
1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973
1e4ae65c985b79e06d75f99f24339d5a08339e3de2265e278a41152de71676b7
1e7a79a3453c3971051b8a9feec214a4eb62f95e39f9c1e33b7303b771ea5f16
20e3218d335987d99a750555e15a4b459f2bca9ba43677109a2c80fcb1ac6ee7
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
218cd0b67ca26b5a6d1891256a4402a9c2ec65a68a039d96d36b17e595ff5285
23e602aa4d316b0c9a6f6f81fb5bc61afe7e869e11d8661032db04c3f8a6cd8d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2685a034b73d4091dbbcffb22b24c5c66379baf01cb502e5e2d2f448dbe6be8f
26cec93e93993c9f6058fe892253f13b132f7512e38c7b2c1a5bbcab671eee68
2750d10901a2cbe6573cf62b9487f38744868dfea3cbbae20fe0d07f41895518
2824eaaca36f4c1f962ae1f42a0ff91e3cdadbcd9328c02751505bb7afff992d
2a652877acf261ccff744e36db00045f15023fb40c90ecf4a0734f18ae2a5179
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4
2b44db2cd43dc336ef5685e4085e7871c3c3b9702fff15cdca60700321524516
2d25858af8d997ee529a50dde2a8e1d3279e3eef3f2aba43a6b9c8eff06836e6
2d55304796d73b5bb285af58e6a1161dd420985295b9251c09dd1f2584226b0b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5d3b5c2cbea7fe7d49fb20271ab4bd44c31edf1d6b0fd4a4a93c88efa4fdbc
2f15124162112c62292d0989f5a73c1163b3ae8ce0020b93fb843e263910c36f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313d23901f6cecce4c3d9487e4fe617dff2572808a47492736f716c6ddb161b8
31ed488640e806860b16cecdf2c1fbccb5e0fe0aedde1501b78cddaed51726c7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33b1316506f253761b949033f2a53c52a08446c8487230e7451bd3b166e4be88
342773fa0d89481ec7521bd4994beaa6145a54c1b35a1c4f3033bdec36dcd01a
3449924598a269ea4bb097a26449d60e8750ac58cd9bb7dc71e0d8116fd715b2
353cb80b6329eafa244b4a723090f422c14ec61c5a44e999843aa30748ed33dc
3547576e270ff501dd51c006eff7e00acd1043f2a2885391e73175af840d2446
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe
399d126f1ae434a6c3df24bfa4e7c5304350d62b234fb831981f17429e84449a
3a5111cf229fe689606efc0f1c31bce044a2a9d780f284ef27139ef0f663988e
3ae4b1134610b879a8fc02b54f498be059af407cad147386752da01e99cc9bdb
3dff2ff806f430851f79cf69774354f50bb415c86dcd27590460ed724a85ea54
40c18764df3f630910a3cd5989e975ca89e2e3b7c91dbf3d61120a74e09b30dd
415188063f906de5ed79e86bab9bafb565ed3e188a28d833645bd07974e4730d
41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe
42b8b582a66413ff05dcd57133c964ac4ab3aa254816a376892831b50e6623c1
430eeed0076e4b943d324406f5402477e3878768474537eec934106d356b7161
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
45dc155d7dd20e88d56161ccc2252810f657aba8c40746245bbab60da9ef7b23
45df18bdacb438598423616ef9b6f85a5d26e1aab8d426209937423d477d80e6
46551ad5e1ea6f0750b389520b91bf30f7644133dd7e0fc01f8637fd54065b7e
4725f77ab9ed8e0eb6281de6dea1ed189d109d22720b73ad03150406004cb857
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb2a3739d4a6ccd168f5b936df5da7c8eb064bea8d11ac71b6fc67ecca5e115
52382611467b9b5657876fbef8d89e40f13eadb6c6ea55f511157122eb0a5cf6
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096
539a42037e10bb866363687a7aec31af4d8831e0b778facb7d98ac66bed33855
5565d8fbde0371e6c443df22c0d3234796fa502e8628a6d0337d4d3bca302a1b
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56dbad93fd7a5c1ed7c9a0e008f8104224184948ede10c0a848ce683e9084749
5723108fe1583d6812bf943dcddd5d94bc0235a47f76cbd6121d7ce21bd068f6
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
58a9c3d5ed13b0c441242a138a402ef72c57db925b7d224f50a34c55ea3ebfdb
59a7118e43d325e146ab8259100b2b2eac1bd79e60521201d33e3b449fde909f
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
5ded5339e7df5c71a1bcd6a0297580d436eb8e87cc969499db186d6185692d6f
5ed775143132adb14be20c77bf270e7a2e53fc579b4be12f4e9ec60cd35a29f2
5f2f678ff48fa5a51868bcfb0b20cd85cc92c28b058ca898864cbbc44b840398
5f341cc02e0997801528e4da84688324e9bb1cde7db7e5e61a0e74673fb7a31c
60a6793e2a5b79a24da26057cc8088555eeb0d8767b7ab9649111902320ed516
62bc7ee490a49eaf013c8fe54fa147f0fb8e5a50e18f9767d839658641cd4c3d
62dbe2327bbebc2ab4680a7f53b6f1f3fdcc9f4f6004e2d9c50448edd5a8d770
62df3f78de325c18cefc007ed22c3f9a8e46e001436ec2935493de58d72386d0
6369eee7781e96bdfc8b8fb3d8cafa3b2e00fe1878d62d6e92a7882a58472b6a
637a33def98b55d5f35fe87c7e62cb5867862ec17812d49938f5380fa1ae49d6
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
63e939d40167f0ad47dbaf0b2ce08839a3eb4a02b53b7f1c864d8b0f14c64e08
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b
660a216f0345779f00503fb6e1a05da2e3c6a04849679e23f0c4208cdda08d5d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
68ac06bf066af8b878c4ccb260f74a474c1f2b500843c38f18991880cd0fc133
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
6aaed74f833357815a814fc9ae78936406b1b5794b381eccde0158977e756117
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af967f474bf5fcadb2472c57f5a3b3f3e61ec4bd723dc1e0a5fb78a5edbfd45
6c52a71e3004087e0443455ef7e43a5066e9c675a2a808666186b4f032ed776c
6db799c25ea48d2d12f5428250d46418d4aa73ee89ae1c5ff60079a47c21ff51
6df76895d91c62a47cb54db79d7f02abc0f969de0ec3b2444ca712b79d61464d
6e38d5baec7a46875c27ea055abcfd057b7949dc8f95944ee10093fd8bc0abed
6e90e9bf44a8a1ca91a713ed5045d8e4cbebc5cbec27f17db8a3f33603a06e3c
6f002bf319686f9b8f63fdf5bf2e248d8795b776c20d18a0b1d2ad358139b476
7094dd4cc3aa7fd1f4058963bc44e5824c7274f2b0d834d9c4c2a43961cd07d8
71bd1a23bfcbbd17f401984ec1a3d8d199e8fdc47faafd39fef641960f27f153
7385bfde4c121c81486ba15fd68e6d02058b8dde2853b57c79d4088d53aed62b
74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7
75d8123861eb05f843af822d875f255d2578965d0974366b191ed99c2b09a24a
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
77392f8766632c2c7384609a5a5b7f759c4d5dad0e9d60e54fe7da82e5a51394
7744ba384fdd169842ac4850afddd2e32d1fb289da7241bb5889e8acb9132c92
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7a8caf58a819f01943271d00606a52ec0f46f7fab41b3499100b5dba254c5a80
7b06c1ecd7edb03c586c7f68b5f6db6872fdc46d7ba5658989354cce06a81388
7d124c2a8f0765e64400b8a6a8a1ba85a48b92b0e0dfc60fffb138fa8dfc9121
7f6beccc2ddcba87273ee8e80a95769bcfa4a2f30a983aed883308a49855ec52
800d4734297ec32dc9a83deb683d2bf9086d919167e30c68e49baa1bcf044bba
8075fe09e142b517a80252d1befdd7c1d6f4938ada76218ad6a2ac25d7aea997
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
84960d15f2639637207abe7d6e2e8e7e05077bb1dbd093446be5671081a0a7fc
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e
8763f32863dc56f566a14c486f7c4f64aa494d41b1f19672c8b029170e062500
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a259f40e3d7b194e0786338bbbd8e6711d729168ae80d7af2e183db9627e535
8b1f01bc144c12d1f8204f0b7f7715d4c070a02f8e2dbd6ca34676c4d65704ae
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d207a477226b283dc07dc414dba49f80224469ca61b349983c270cc59c47430
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eacf5708cb0d805548812723b2ef364b1385d36a078274aef15c0847735fa8c
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9214ca832b0d95c3bdf05d53654bbc1bb5b9d1eff8f95e2f2e4d4c52f143abb3
9268ec26ea38d7dfdfdde2c12c230578251e2d9176bf36dfe1dc8253cf2662c9
93979734947e854eb73795a9af1a01327203459fa171b49622691fac72fb8576
94867734c0e322b1f7640385a0c9480d08f7f8365f741a6ce7c006a1f3c1dcb1
954fd87b2831f0cd69ad6352c12b9656cf19faec3eb8fbe4343c4ea59a96535c
955a576f318bc552e92188388ba4e7e9c58b8395a120555fec04c005f47dcc0b
9596dc6f8bd628194e135779a3ecd0602b9534958c11b28d13e7f00f48e56df1
98635555ea57caf63d9c28a18386dd76d0243bd443eca464ac44d19f33372119
9a43da37e3657dee8b2824752a921ae0a9caec2d2bbc5326927661fb46531952
9a8ef85ad07a0398c750954f03e38de5a51e4d47057637eeb95a05b2a5ede09c
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9dcb9c90c1910cc70bcd88e2743abbd913341041c69f7e9a2090af8b7cd0e3c4
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9ee8b6d130930d5bd915ed36174ece5d79c9fe8c2587533628036d855f253a77
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c03b90229ebfb007eb21e8aa0d8a9ed17754f7eebc287baf3150b9d4db588f
a1caf03e6b717869cc3645ad474f902b9797446f7756d0b70c7fe6874eeada82
a24a1be1cf61d08ebe4a84e5daaee19a0be57d8d62f6e6e9e98d8b9d0c328f9f
a25e14865126cb8fb6fba6ec8e05a94bf93b5f999bcc8785a80b54001d120eb5
a268cc7a2f7e81a2c72c106cf526e8ece2ecd327aec227b510d9a7ffb21a13e0
a329fc1a599ca07d6606a56a0ddff9954fcc355a788a5bd85365844aec4ef642
a366318312a5430409065a7e85830adb1a34578a1bd0c364d74faea4953527d4
a58c2e97245f108b401b45615160c63e649b90a067a76a1a9c793510a53e2bf6
a76ee56f6e6e258bf365f1150e535482ccb21eafeb291d353b046f69fb255cd8
a7abd8c0ad4c5134575fc0bfd25cc8014c5a05bd6d9a855bd5713137c33994eb
a80ed123fc6e616e3595c2172616add173dfb5085f72f4811f10bb45c35c1c1e
a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232
a980ae1b3e8754977e50b84ebc09eb799da90354f48d055caf339f28fe443c36
ab6d4abbd32a564713ddbfd930ba8d7799d52e7011b6db0a7a8aea15d3ba7699
adb6166839b19271e4d3b9eb148b11e513260e259d2011a8cb971f2d75700235
adffd5a2eae80b37cc6d91326eedd531f055ee1f6945ac8b1c820e035c6403d0
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580
afb36c4701f9bc1bae7cdc78cea3b2b01cc939efe9b6712568e2b4adcc64d2e8
b0297128952e1e2330b6bf9e54c0f3f59636d201ae74f5f16a111d443fbcf488
b037adf24e4303524216ff2b7ca83b60c32d776e41439367d1508eb32946c2b1
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4165c20cc24e4c7634e315b4f516b3d08dfffe206b505b6e1a5abe41588b21b
b4e269c969f75a4e211b5af1b663d2a9860b05821225682c487265aecc5a1c99
b6c9951caf0fda85d0fc4218e1cf4cd5ff686bcefcfc4b853649260528644375
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6
b8d14566f654e1ef9fbc1eee065f207c8a1a65cb8cc36ec3959e96cdf2a8f7b5
b90d0cded9720b6d4c487472776555df0db4914ba5bb91fead64cc826bc2d854
b9a26d33ba6c648956d985539ffeab6091d4272ebddf2d129d57b7bb101e6480
bbc094c7a37c4023caa20afdef1b0886e721fa698643545afbc0c3808031f3c2
bdfc8660b7bc66e1df0b0d8c7e1b09c83362acfc3d92a0d5bef8179e7878ef61
bec64e44830f22cecd81d3a043572dbbf3d50e887c572c0e212add2dc93aeb2f
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
bfdb343d596c692008643e1e6aaaffdbcf7459c28b0a90bf808bb1d2ff397f4a
c1ceb2b66a719b3e746ccdd19e28c7dc970c0e500dee336d9f6f8b45a9df7c27
c241ff76d0531002c20e5a3afc8a61f6aed1bee8aa26e84099395e6a80a27c32
c41d4a15e6519eae34880cdc318f91fbbd6e5ddd6e92991a87a81f841f5489f4
c5e60a8d38036fcb846343a91cfbc136e3ce20d2d8862647d5b4934224db74c3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8fb7a8194728b9c16058a207355d712d9dc78ed439465322f5357e6acf30fd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab250f6372fb6a72debe125d1195e4cad09a6e77299aa1dc1b14d1a287512e4
cc6b70ed41092145810eb7b5e769050bb37c1f41977e87e499dfdf106fb0ce07
ce314178842e6606a8ff7626000deca961d99324be36eceba70a8df5f8f21c40
d03423bbdb532af967e60a2097a72adc0f0d0a4628a49bdd1fa5ec5822a880b8
d199de8e1b89861eb7e50b576c292321b023b1faae1d7598255a99d20d63b067
d22a340e6f57a5fb06db703ca9ee32bea2909a2ae86c1f9fbb08cede1d8875e2
d41f187c0b24fe24b33a08d35b2290afd0233eedbd14b17a2267834a5dca946b
d67efaeb638d7f5a0bff6f019008ec0102c8c7ba34ae3fe9eeb632ca1ee02c51
d8369e98af36a8f0830b0367512dbc70852672313261164db123651de7c76b83
d860bcd49cc302f2ac6948ce99b714152920b39d660a72c82b75aff600967d03
d886d5ebc82702a59b77b8e06327f4b1b6933fee42b3309d3821ba39f2db6ddc
d8c2e469b3e2f8f23eed0b99557538e8ef7d9d1e636e45b027b9d888e75acf4b
d8c77081c4f577611af87b47e1c22b123cee863c8a0fbf12c9f1ca7b9d65860c
d9303f268458366f6c38986aff8a48e56e5f12e8784bb7561a9e09d4e4b98f94
d937013fe26d9e0d2387a7a74645411a35b1e125648bc3dad60d7d0a732bf51d
d96ada6fa35f3ddd720360a91619e18562a6f102fc287570e76691207beda03e
d97e7f04bbf43d7bba48152ddd3655e11829e08ecde06ac86b58909abd16c5e7
d9e8f6a09ef41b5febb82e983724b173281e4a58df63c12742310e7d139989d5
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbbf84fd94f31f25ff44a7bbd7aaca1a977b7b212e0f33e3ef51d2e365873281
dc0695cb13e42eb5d3a52290ce5ae539cc72c36f4ffcd4c57ca774742c27a058
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e23b3a59a2ae93d0c056d8afd86634e7e1c533ab327af276a9ce9641dc454937
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ef2980e22c4470655bbe8ca28a3d4f88b444d79e63d976e2eed5861b0f774d
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e45e133f84a011e19c0afac934c4efe5270cce192405414ab112500d71d51ac8
e4632a3c4f47affda813ad7e742e28b6c72f02a05d4dfdd691615066e7ccb453
e4cea969acd75c4a1d1fd3950c397486ed14625d27777d70a205a8286cae0f3f
e560ad05008507998e37a102517bcb869cb974f6bcaa447c0013e21a02c16226
e67ba7fc0544528a494066921321897b801057496412b44790a3eb15d6bcf81b
e75c15c8b76b0fb78051afcb56b417e0207722683763ec212aef01af5eb48225
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ebd3295baa9b70775c0f2c198d359668be5e246a4b295fd93ad0f4f5d222d85a
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ed6e695d1fe3127efc9007f582467fd8a362e7f615ca18e8411aefadab5502c4
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
efe33dcc2df517cdd648947e2d644014e8dc13b42813314b7022c430420f24aa
f013217923d9d8b35bfbee4b54f4f85a7d256390ba4e17428f09b9e46bbb098f
f2d6b3bdc5f21c342ef91e33663c718bea60245c80dbfe201f2835aa71595211
f3a02ebe2f193291411750cfe0ff04c868b934606721d8e1aa03abf15dde8569
f4b067a11d46a729e2a980a01c3beff8029cf238e85094f778422c8d6ee2f088
f5057f8b1ced4dc7f9cd6dcad22abdf06e0dd16de9a9d6ad47e6f1bb2e0cf9a7
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f69b853208136000dc2008c0aa5b681f75d91f1c56800074ef4e6615b6f6c1b8
f76844b0495cc97fae5765a9786f1b977f878e505112cbc59ace3b3807f24a93
f837969465caa758ffac43a98621d29f06efd58ab96129bd16562ef341bf86d0
f894672225f1ff3807d9cab0bb994e1adeb681357278b3d3270edeb856a20762
f9e5a670cac6d8e4725a3fb6144238805de4a31119564d64011e82db42b7832e
f9f3502b9a446bc310bd2d33ffa73b54c2d03c94d1d7d9be62e5995297e083f1
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
fce74534ec518a825b427820c64bd4ccdcc78a2cc2ef6299e1110d7e35ff02f7