www.tuko.co.ke Open in urlscan Pro
23.55.161.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tuko.co.ke/
Effective URL:
https://www.tuko.co.ke/
Submission: On February 11 via manual (February 11th 2022, 6:35:00 pm UTC) from KE — Scanned from DE

Summary HTTP 179 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 44 domains to perform 179 HTTP transactions. The main IP is 23.55.161.208, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.tuko.co.ke. The Cisco Umbrella rank of the primary domain is 260460.
TLS certificate: Issued by R3 on December 6th 2021. Valid for: 3 months.

This is the only time www.tuko.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	92.123.225.50 92.123.225.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.55.161.208 23.55.161.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	99.84.85.10 99.84.85.10	16509 (AMAZON-02) (AMAZON-02)
11	2.16.107.74 2.16.107.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	116.202.11.241 116.202.11.241	24940 (HETZNER-AS) (HETZNER-AS)
14	2.16.107.91 2.16.107.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3035::ac43:d121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.185.181.98 18.185.181.98	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
5	188.40.118.169 188.40.118.169	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.248.34 18.66.248.34	16509 (AMAZON-02) (AMAZON-02)
1	52.219.169.38 52.219.169.38	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.25 99.84.88.25	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f13:57e... 2600:1f13:57e:7b01:8aeb:562e:2487:980f	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
17	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 16	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	34.102.163.6 34.102.163.6	15169 (GOOGLE) (GOOGLE)
2 6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:3bb1:ba5c:766d:e813	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	52.86.198.120 52.86.198.120	14618 (AMAZON-AES) (AMAZON-AES)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
179	57

1 92.123.225.50 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-50.deploy.static.akamaitechnologies.com

tuko.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.161.208 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-161-208.deploy.static.akamaitechnologies.com

www.tuko.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.84.85.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-85-10.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.16.107.74 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-74.deploy.static.akamaitechnologies.com

static-tuko.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.11.241 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.241.11.202.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.16.107.91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-91.deploy.static.akamaitechnologies.com

netstorage-tuko.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:d121 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

n.mail-tuko.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.181.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-181-98.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.40.118.169 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.169.118.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-34.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.169.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

media-tuko.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-25.muc50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f13:57e:7b01:8aeb:562e:2487:980f (Boardman, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:3bb1:ba5c:766d:e813 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.180.3 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.198.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-198-120.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	727 KB
25	akamaized.net static-tuko.akamaized.net — Cisco Umbrella Rank: 673801 netstorage-tuko.akamaized.net — Cisco Umbrella Rank: 279828	397 KB
21	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	214 KB
13	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 427 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	15 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 638 csm.eu.criteo.net — Cisco Umbrella Rank: 7893	100 KB
11	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 263 s.amazon-adsystem.com — Cisco Umbrella Rank: 266	44 KB
8	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 736 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12444 ads.eu.criteo.com — Cisco Umbrella Rank: 7942 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10187 gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197	25 KB
7	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 532 eb2.3lift.com — Cisco Umbrella Rank: 356	3 KB
6	google.com ampcid.google.com — Cisco Umbrella Rank: 1677 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	2 KB
6	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 15108 tt.onthe.io — Cisco Umbrella Rank: 12425	20 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	111 KB
5	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 6444	153 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 618	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	151 KB
4	media.net prebid.media.net — Cisco Umbrella Rank: 1112 contextual.media.net — Cisco Umbrella Rank: 478	18 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 789	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	793 B
3	google.de ampcid.google.de — Cisco Umbrella Rank: 50820 www.google.de — Cisco Umbrella Rank: 6342 adservice.google.de — Cisco Umbrella Rank: 9027	2 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314	74 KB
3	tuko.co.ke 1 redirects tuko.co.ke — Cisco Umbrella Rank: 246863 www.tuko.co.ke — Cisco Umbrella Rank: 260460	36 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 629	856 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 265	470 B
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6649 certify.alexametrics.com — Cisco Umbrella Rank: 3749	3 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210	1 KB
2	mail-tuko.co.ke 1 redirects n.mail-tuko.co.ke — Cisco Umbrella Rank: 653903	1 KB
1	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 542	299 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 615	777 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1254	307 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 931	88 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 653	425 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 523	301 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 212	592 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419	1005 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 439	707 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 1554	250 B
1	adform.net track.adform.net — Cisco Umbrella Rank: 3678	304 B
1	gstatic.com fonts.gstatic.com	28 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11797	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	yandex.ru yandex.ru — Cisco Umbrella Rank: 1378	75 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	amazonaws.com media-tuko.s3.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 708317	22 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	41 KB
179	44

	Domain	Requested by
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.tuko.co.ke c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com
14	netstorage-tuko.akamaized.net	www.tuko.co.ke
14	securepubads.g.doubleclick.net	www.tuko.co.ke securepubads.g.doubleclick.net www.googletagservices.com
11	static-tuko.akamaized.net	www.tuko.co.ke
9	static.criteo.net	ads.eu.criteo.com static-tuko.akamaized.net static.criteo.net
8	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	s.amazon-adsystem.com	3 redirects eb2.3lift.com ssum-sec.casalemedia.com
6	cm.g.doubleclick.net	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
6	eb2.3lift.com	2 redirects static-tuko.akamaized.net eb2.3lift.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	yastatic.net	1 redirects yastatic.net
5	tt.onthe.io	cdn.onthe.io
5	www.google-analytics.com	www.tuko.co.ke www.google-analytics.com
5	c.amazon-adsystem.com	www.tuko.co.ke c.amazon-adsystem.com
4	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com
4	js-sec.indexww.com	static-tuko.akamaized.net ssum-sec.casalemedia.com
4	www.googletagservices.com	securepubads.g.doubleclick.net c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
4	www.google.com	www.tuko.co.ke securepubads.g.doubleclick.net tpc.googlesyndication.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	eb2.3lift.com ssum-sec.casalemedia.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	x.bidswitch.net	eb2.3lift.com ssum-sec.casalemedia.com
2	contextual.media.net	static-tuko.akamaized.net
2	gum.criteo.com	1 redirects static.criteo.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid.media.net	static-tuko.akamaized.net
2	ib.adnxs.com	static-tuko.akamaized.net
2	bidder.criteo.com	static-tuko.akamaized.net
2	cdn.onesignal.com	static-tuko.akamaized.net cdn.onesignal.com
2	n.mail-tuko.co.ke	1 redirects www.tuko.co.ke
2	www.tuko.co.ke	www.tuko.co.ke
1	pixel-sync.sitescout.com	1 redirects
1	p.rfihub.com	1 redirects
1	sync.adotmob.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	ad.mrtnsvr.com	1 redirects
1	mug.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	track.adform.net	ads.eu.criteo.com
1	ads.eu.criteo.com	c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	www.tuko.co.ke
1	fonts.gstatic.com	fonts.googleapis.com
1	m.exactag.com	www.tuko.co.ke
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	yandex.ru
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	www.tuko.co.ke
1	onesignal.com	cdn.onesignal.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.tuko.co.ke
1	certify.alexametrics.com	www.tuko.co.ke
1	media-tuko.s3.eu-central-1.amazonaws.com	www.tuko.co.ke
1	certify-js.alexametrics.com	www.tuko.co.ke
1	ampcid.google.de	www.google-analytics.com
1	tlx.3lift.com	static-tuko.akamaized.net
1	htlb.casalemedia.com	static-tuko.akamaized.net
1	ampcid.google.com	www.google-analytics.com
1	www.googletagmanager.com	www.tuko.co.ke
1	cdn.onthe.io	www.tuko.co.ke
1	tuko.co.ke	1 redirects
179	68

This site contains links to these domains. Also see Links.

Domain
policies.google.com
sportsbrief.com
kiswahili.tuko.co.ke
www.youtube.com
corp.tuko.co.ke
docs.google.com
jiji.co.ke
www.facebook.com
www.instagram.com
twitter.com
t.me
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
legit.ng R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-06`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.yastatic.net Yandex CA	`2022-01-22` - `2022-07-23`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.tuko.co.ke/
Frame ID: 8EFF1936C0CEA060F3AE45E39D0996A2
Requests: 92 HTTP requests in this frame

Frame: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A6F92C030D4901F85357C5F662EDC08D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js
Frame ID: B8A4916F2F6711648C3B9CB88009418B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022201141909000/amp4ads-v0.mjs
Frame ID: FC6CBD404968EA985CA05AC2F4950F3D
Requests: 18 HTTP requests in this frame

Frame: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B91302DB06DA22463C25E273DA494A00
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJQa8k7Nb7P8GsmiiZo12N10CWlEOl6Yrc7NzIXtHmrng1Inuq3jc9BtXUknvayvlXUprkKT0lleNJJYmrOWHtGxUtmMhMCrzUc5jJ2sd7x5mN2I5yH7fgN7tMrid871SA2_14lIBwbGNhMlJHLyKXDZUNpRdR_VeDlLvgM6EXDVUEFv0htGjvjLQWQxiij_dkduLe89wYqhNeD8bRTYCbKR0N04_HnmrFalLix-74_vz0gAqq4eC6Slxq2uZBRpB02n3E22Y_7PCYpGZZZlYxmX0TrmwfzXtcsByM8ULRd2s7WBT1gUltNE2bUlb4iEs&sai=AMfl-YQB9SbOKIQcftQH0F2N6mmrndZc17RbPRrhhBY6XdBBImRx0HdehKMVe-AKPVml_pYKKRGjbbHAvtZ9hEFInQtx9-Erct3ckNfL5dLYjrD6_tMRsWHi7KFCjh_3xwiC&sig=Cg0ArKJSzLVCgUoWYeCMEAE&uach_m=[UACH]&adurl=
Frame ID: FBFA0F8E71C1906996F49D44CC023AB4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmDu3FBM1ty3R3gflKQNuPrhrxgl_RABdILIfCYG92qh_Hg8UG9ljRIqCHvS22Ei0SA3FFC0yzwc1b9xKzONyMGuT4-Y_oPbpOntiaj0sxUesUo2PhtDDJTCNLaE18a0rts6M4GfOND5LQEJ22HuzIeoAVpnFzc9bQcmbHwfu3DCBrUkzD3T5roKPysu9X4YGhWAU5T_yMKjwbQ8jhcyNkJTtSDSFqPH-3XyrKuPQxg7EaiGRC1b3udZxGnkjR_SC9s0Wr_ieFKYynSmQKJYYRgF6r2_LKJYl7Vnjl8cTQUj_6AW0b63tgrLuDT6Lpupz0bEQNntETWw&sai=AMfl-YSkQNVN0YTO0pB8xuNLzUZddjLWkv2x6sw8cZ0nnpeLN-stMs2RzdHz0oxJMI7AXJdKe85aF5umpgWluAz2GSrZtfJOzCbCA1i0IUKSTkNoqrWxMPuiY7UgmF0JYPcl&sig=Cg0ArKJSzByGi_ZxwFmOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3C109280C0302DBA130B4B422D3F9925
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgasTQADKEsK3o7aAAElUKxaXShDr8JVxkN0NQ&u=%7Cmdzgi9uH7qxdb0INvidMifFk0IBzU7rNCOOi6NhvPZE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOU5AMaLM1svmhOPUwziPtPUxy_vcdHm499oHcrEl8yasP-6o34O5WlBtawamP4Efxdx0hmrGsLhK7Tze4ChOJuUFln1_O8JfDndG2bm45MSqNv3Ck5tnVGgChytcKqyQ2Zq5GdyVX1gAp5551-u4cLVtL-Y4xqIY-5dlhBZb4qYfCgmzbN3g0G-l-pukA3ZUAZDWYqSRlH2vNL2OWp-q2aDrNLCPFDHH9RmB5znGS11GuctffEMEqo6EpOa1ZP4DyeDeb-YJhGevtPOpTU5_HzqV0cFUZOdKbKXfWUsVOAAJXyP67GUt1IVfCklUTvtA7jo67cqhtdCekrVkkHurow8hwZkeAXp-0_ycUCECDV5713_O6hKjirIM3-1LmU7g0or7tQSaTJdy4eLiudGdDJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPdNuTawGYsvQDNqd-gbQyoSwBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzg3OTU1Mzc3NzM3MDk2MaAB1bbS6gPIAQmpAlVGqJkPIbM-4AIAqAMBqgT8AU_QQLtQGCopUDpq05Cy8lvl4jfJrr98SWSMzOSTfX8pN52D5IbPVMNN40mHU97zW0_q20Lrsxu57aWoEVVZwk33RATH8m3ipnDXqc-XUZf_evdJxDxBvS_mCqoTvo8ABOm6lcINWuF3QD_kq8dEk5uA9VtCjvbiLXn9bX6qM0b6P6-ipI7c6E6EWrC4UqVZXDDOE0AAZOOp6iGaPH8Cq4eFYuKW9qqXTXWhTqrUulNzhlbyoCZhyb59u_jsPCw5LtK75IY2RAyhi3MX7lDpd-BKLhkdnV8Y4mWe3LjJUT-yrBqpb9MawvY4vA7mIUrmD_v4kGWl_CfJC2BsZuAEAYAG18WPkZrImfKQAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OoAm49rtqJzOdFKScKYiIxIeHfQ%26client%3Dca-pub-3879553777370961%26adurl%3D
Frame ID: 5AF9F8B262B47691EA7F55B83D5CFEA4
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ADAAFF6E8104E8717FD6B8E0EA28F02C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB217B627742FDDB99E36AC43404BC9D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tuko.co.ke
Frame ID: 37B5CCEEB2EC44D1A4308B1E5CFB6C64
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2C279339FE127F094BE46FB90F4B7288
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 5E3609088ACB9134DD6117F6D5D99D74
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9A6D615C23B41F783D1296DB55107C47
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU1FDX19&prvid=2034%2C2033%2C2031%2C2030%2C173%2C251%2C175%2C255%2C233%2C2029%2C178%2C2028%2C3017%2C2027%2C3016%2C236%2C214%2C159%2C237%2C2025%2C117%2C97%2C99%2C55%2C77%2C38%2C3012%2C3010%2C182%2C2040%2C141%2C186%2C222%2C3007%2C201%2C4%2C246%2C2037%2C203%2C126%2C80%2C10000%2C9%2C229%2C108%2C307%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B35C71C9C9F92AA3314EE42B7A646201
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU1FDX19&prvid=2034%2C2033%2C2031%2C2030%2C173%2C251%2C175%2C255%2C233%2C2029%2C178%2C2028%2C3017%2C2027%2C3016%2C236%2C214%2C159%2C237%2C2025%2C117%2C97%2C99%2C55%2C77%2C38%2C3012%2C3010%2C182%2C2040%2C141%2C186%2C222%2C3007%2C201%2C4%2C246%2C2037%2C203%2C126%2C80%2C10000%2C9%2C229%2C108%2C307%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 9D1CFDD6D2157AE9CD759D7FFC64579B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1B3E5FB4BA0124239C7723023359C372
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B66AE80D0AA26495781B9E5E5653210C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking News, Kenya News. Today's latest from Tuko.co.ke

Page URL History Show full URLs

http://tuko.co.ke/ HTTP 301
https://www.tuko.co.ke/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Page Statistics

179
Requests

90 %
HTTPS

44 %
IPv6

44
Domains

68
Subdomains

57
IPs

9
Countries

2285 kB
Transfer

5486 kB
Size

49
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://sportsbrief.com/
Title: Sports

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/
Title: Swahili

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/tukoke
Title: Tuko TV (Exclusives)

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/siasa/443097-sabina-chege-aagizwa-kufika-iebc-kuhusiana-na-semi-za-wizi-wa-kura/
Title: IEBC Yamuagiza Sabina Chege Kufika Katika Afisi Zake Kufuatia Semi Zake Za Wizi wa Kura

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/siasa/443087-shairi-tamu-la-msichana-nakuru-lamliza-dp-ruto-my-dear-president-be/
Title: Shairi Tamu la Msichana Nakuru Lamliza DP Ruto: "My Dear President to Be"

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/siasa/443081-silas-jakakimba-ajiondoa-katika-mchuano-wa-ubunge-langata-kumfanyia-raila-kazi/
Title: Silas Jakakimba Ajiondoa Katika Mchuano wa Ubunge Lang'ata Kumfanyia Raila Kazi

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/siasa/443072-korti-yafutilia-mbali-kesi-ya-oscar-sudi-dhidi-ya-mama-ngina-kenyatta-nina-furaha-sana/
Title: Korti Yafutilia Mbali Kesi ya Oscar Sudi Dhidi ya Mama Ngina Kenyatta: "Nina Furaha Sana"

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/siasa/443057-hakuna-kura-ya-mtu-tuliiba-dp-ruto-amjibu-sabina-chege-wacheni-bhangi/
Title: Hakuna Kura Ya Mtu Tuliiba, DP Ruto Amjibu Sabina Chege: "Wacheni Bhangi"

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/siasa/443050-mlima-kenya-wanachama-wa-odm-wataka-raila-afukuzwe-chamani-kwa-kukandamiza-demokrasia/
Title: Mlima Kenya: Wanachama wa ODM Wataka Raila Afukuzwe Chamani kwa Kukandamiza Demokrasia

Search URL Search Domain Scan URL

URL: https://corp.tuko.co.ke/
Title: About Us

Search URL Search Domain Scan URL

URL: https://corp.tuko.co.ke/contacts
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/1ysgfwoimcaw9bd5pypzxk3wja4gwnisxdrxptzkheek/edit
Title: Submit your story

Search URL Search Domain Scan URL

URL: https://jiji.co.ke/
Title: jiji.co.ke

Search URL Search Domain Scan URL

URL: https://corp.tuko.co.ke/drive
Title: Tuko.co.ke Charity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tuko.co.ke
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tuko.co.ke/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/ucl6icab9mebcsmq5zmr446g
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/tuko_co_ke
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/tuko_news
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tukoswahili/
Title: News In Swahili

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.insomnia.kenya.newsi

Search URL Search Domain Scan URL

URL: https://apps.apple.com/KE/app/id1030320498?mt=8

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tuko.co.ke/ HTTP 301
https://www.tuko.co.ke/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://n.mail-tuko.co.ke/online/26 HTTP 303
https://n.mail-tuko.co.ke/online/26?ar=1

Request Chain 81

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 156

https://gum.criteo.com/sid/json?origin=publishertag&domain=tuko.co.ke&sn=ChromeSyncframe&so=0&topUrl=www.tuko.co.ke&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_FQgtnxiekdhaFliWmc0c1QvVGxyOEpWRVBJdmdnTDI0cEZRVDY2Mk9FRDFiVUhIb25wNDkySEpTbVptRHNrR0FSQmRVZEZMaGw3eFc1V3ArT3pralY5d2hUeUxHd1NEcmFNZHVRa05kcjlLMkpRWXVQckNZd1JYYXdCbmFMYUszeHE2cXIycWhmSEEvUERiVkovSlN5RWRObGxkWlpuTEhKbnlOaEk5dldzWUxybllXYVlXL2N2OVA5WFdhanJMUTdJZlg4Z3Zkems0YW1RTVUrUTFxc2E1L2x5OHRjS1dyR2RoWjZiQmwrdUN6VVNWMzZobHcrNEhRTG40Z0hNV3IrRFJ6Y2lHbTBIK3lhLzZ2R1FtaEJzL2VoQT09fA&cppv=2

Request Chain 159

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 164

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=YPhZGA7fM&dongle=u6nf

Request Chain 166

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MDgwNDgxNzEwMTAzNDk2OTY1NA%3D%3D

Request Chain 168

https://pr-bh.ybp.yahoo.com/sync/triplelift/3250804817101034969654?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.7ywlYJE2oRySj2RHJpOqiEzwLANb3ghzXpSSSTP.g--~A&dongle=0883

Request Chain 170

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3250804817101034969654 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3250804817101034969654&dcc=t

Request Chain 172

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 173

https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 174

https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 177

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgasUAEBVV.n.JYmJiTz4gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1&google_hm=2

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB&dcc=t

Request Chain 179

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 180

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7814101920575073178

Request Chain 184

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB&dcc=t

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgasUExTXl8zPgvIdbIeAgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1

Request Chain 188

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6978908971970869620&uid=Q6978908971970869620&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 189

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 190

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519493769503

Request Chain 191

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647196497

179 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tuko.co.ke/
Redirect Chain

http://tuko.co.ke/
https://www.tuko.co.ke/

298 KB
36 KB

254ms
160ms

Document
text/html

23.55.161.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.161.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-161-208.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9ca0a5b3e3680d44390a818f5238b3c30c282108dc08df67b0a281c2fec3c886

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 36014
date: Fri, 11 Feb 2022 18:34:52 GMT
vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.tuko.co.ke/
Expires: Fri, 11 Feb 2022 18:34:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:52 GMT
Connection: keep-alive

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 58ms
15ms Script
application/javascript 99.84.85.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-85-10.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:21:59 GMT
content-encoding: gzip
age: 772
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1GDBWGR0TWS144DCAP5R
etag: c1da564f59b83b9805e8df92eca012f5
vary: Accept-Encoding
x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
via: 1.1 22a1b3c2f1a7b6d72ce563a230b92a90.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: K81hznUJdrb4X6NB2Janp_xessIf55hKrJhA_6nAdMEijwbgHPK6Qg==

GET
H2 200 prebid.js Show response
static-tuko.akamaized.net/tuko/js/ 344 KB
102 KB 73ms
15ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f445d863495addeabae2a9abbbe80a7cbad17d512a61c92c57f3348079b2591b

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:12:43 GMT
server: nginx
etag: W/"6205013b-56019"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 103946
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 52ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c97bb3ca107ce9dff21b27d98703b6b7e6cd813d252ce8b1afb1bca174ce49fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27174
x-xss-protection: 0
server: sffe
etag: "1128 / 236 of 1000 / last-modified: 1644581193"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Feb 2022 18:34:52 GMT

GET
H2 200 homepage.97af46eb.css
static-tuko.akamaized.net/tuko/css/ 5 KB
2 KB 69ms
12ms Stylesheet
text/css 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/css/homepage.97af46eb.css
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: efd7d6f87d761a15deb0c4128b69647eecb8fdefae85396a4fd249f8fdd94338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:12:53 GMT
server: nginx
etag: W/"62050145-1388"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1411
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 common.22434483.css
static-tuko.akamaized.net/tuko/css/ 11 KB
3 KB 70ms
13ms Stylesheet
text/css 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/css/common.22434483.css
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 290567fd4ffe773aa941139a3d3c5d2167425785efe847fd92863c03b7af9abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:13:03 GMT
server: nginx
etag: W/"6205014f-2c0d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3352
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 runtime.2662759b.js Show response
static-tuko.akamaized.net/tuko/js/ 4 KB
2 KB 62ms
15ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/runtime.2662759b.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e45c8971d7774f9dec7bbc32a71f259f1ef11fb8e2bfc15af675be9a42bea1c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:13:13 GMT
server: nginx
etag: W/"62050159-e4b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 1858
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 critical.1196b8a1.js Show response
static-tuko.akamaized.net/tuko/js/ 148 KB
51 KB 69ms
22ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/critical.1196b8a1.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d9d1fe771c5be455b790000e9f089e0e6c78f35f68c48435532df4b55aadc9b3

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:12:43 GMT
server: nginx
etag: W/"6205013b-24fbc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 51418
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 monetization.9bc71b29.js Show response
static-tuko.akamaized.net/tuko/js/ 28 KB
7 KB 69ms
22ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/monetization.9bc71b29.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e95d0a2393cb14e8694c574ae3c80e50ba2a377a376bfda28e52ff87d1aedb21

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:13:13 GMT
server: nginx
etag: W/"62050159-7133"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 7450
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 common.e07a3460.js Show response
static-tuko.akamaized.net/tuko/js/ 3 KB
1 KB 23ms
23ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/common.e07a3460.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2e8806a452a634f5976951071173fc05cb993b93a3f518d71802414000903759

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:12:43 GMT
server: nginx
etag: W/"6205013b-bed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 1138
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H/1.1 200
OK y5ZMgLQlE6HV Show response
cdn.onthe.io/io.js/ 56 KB
18 KB 73ms
26ms Script
text/javascript 116.202.11.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.202.11.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.241.11.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a8aa8c9c731fc7c2a9624e6759820f62f5224b3a428f6b73ef8950409598e646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 07:45:17 GMT
Server: nginx
ETag: W/"60ebf30d-e12d"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 12 Feb 2022 18:34:52 GMT

GET
H2 200 logo-header.svg
static-tuko.akamaized.net/tuko/img/ 6 KB
6 KB 31ms
13ms Image
image/svg+xml 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-tuko.akamaized.net/tuko/img/logo-header.svg
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 22bd9ac72a08b8d4b717ab01eb9baebb79f133863e7e8a89eb4c14e7ce47b1b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Thu, 10 Feb 2022 12:13:13 GMT
server: nginx
etag: "62050159-18cf"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 6351
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 a3528c83b3a87f90.jpg
netstorage-tuko.akamaized.net/images/ 16 KB
16 KB 211ms
36ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/a3528c83b3a87f90.jpg?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3a146355cec104c33f0b243c3d5d85260320aa0555e4a94b57d9c9f1c6d7ce71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Thu, 03 Feb 2022 22:30:39 GMT
server: Akamai Image Manager
etag: "2525444a7b09f9427da19d39ab7e9d47:1643378670.914963"
content-type: image/jpeg
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15971
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 950f151fbbec207b.jpg
netstorage-tuko.akamaized.net/images/ 27 KB
27 KB 213ms
38ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/950f151fbbec207b.jpg?impolicy=cropped-image&imwidth=720
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7dd78a1a810bebba90b60a97fabed5dbfc6a497117ad6c346be1b98621cf1082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
x-check-cacheable: YES
x-serial: 1501
etag: "02c49455ba47439a901469551bd914fc:1644588251.886603"
content-type: image/jpeg
cache-control: no-transform, max-age=31622400
last-modified: Fri, 11 Feb 2022 14:12:16 GMT
content-length: 27853
server: Akamai Image Manager
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 placeholder.gif
www.tuko.co.ke/tuko/img/ 48 B
176 B 24ms
23ms Image
image/gif 23.55.161.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tuko.co.ke/tuko/img/placeholder.gif
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.161.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-161-208.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Thu, 10 Feb 2022 12:12:43 GMT
server: nginx
etag: "6205013b-30"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 48

GET
H2 200 c4df9fc1b3c2c5f1.jpg
netstorage-tuko.akamaized.net/images/ 18 KB
18 KB 216ms
41ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/c4df9fc1b3c2c5f1.jpg?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3534ee363d19e98f95a06ec25c9cab6d741a3e34558f192d20725b482bc42a6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Fri, 11 Feb 2022 16:38:37 GMT
server: Akamai Image Manager
etag: "bf227dd12c2b859c3f4719e497bcf629:1644597421.239529"
content-type: image/jpeg
cache-control: no-transform, max-age=31622400
content-length: 18438
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3598
date: Fri, 11 Feb 2022 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 19:34:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
41 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCZWZK3

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc4d68d66a99e791a736a27294f2953f5f628a1d65e867d03b1a52c13b078e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41105
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 18:34:52 GMT

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb7e7e8b3956c97d3df70e25cee2281c949014b84830ba47fde1e6d97a46a3b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c025d77b7cb11a9215c1aa24e804db0ad8ad847483df216d3a27d9a71a93018

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logo-footer.svg
static-tuko.akamaized.net/tuko/img/ 6 KB
6 KB 10ms
9ms Image
image/svg+xml 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-tuko.akamaized.net/tuko/img/logo-footer.svg
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 913038faf12b4c5bd581ff1bf0fb206084201012e2dfa9de4acdc0df58d33a2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Thu, 10 Feb 2022 12:13:13 GMT
server: nginx
etag: "62050159-18ce"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 6350
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H3

200

26
n.mail-tuko.co.ke/online/
Redirect Chain

https://n.mail-tuko.co.ke/online/26
https://n.mail-tuko.co.ke/online/26?ar=1

43 B
651 B

153ms
120ms

Image
image/gif

2606:4700:3035::ac43:d121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n.mail-tuko.co.ke/online/26?ar=1

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Server

2606:4700:3035::ac43:d121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct6jKIJBvYjDfdlka%2FSqwdx6%2Bnd9u4LtnAZQdPppJLJ%2BUlA43hGejKr0j%2ByTQT7O3D2Vb66rJCKKMhU7AEhCCU4GnvzbDlFsXkSehIMYn2HXW1Rr4%2BK%2BRov5S67Ff0LA5W4EmdmJ6q5mu%2FOEboEh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-execution-time: 15
cache-control: public
cf-ray: 6dbfac815d23839a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block;
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

date: Fri, 11 Feb 2022 18:34:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb2BJ6kidlM8dvxejvwCPxQ6gVdqdGBcHlrJZyhiV4P7eer4506OjF3JkcJcanMExNQlp%2BAaAQ%2BlRmITPtw5kqXr1%2Fkh2LFAM9bfoFmxoRPSP%2BC42qx8X501Wjx%2FVA5gSGufpKlnv%2F06e7NLv3rmRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://n.mail-tuko.co.ke/online/26?ar=1
x-execution-time: 11
cf-ray: 6dbfac80099a0f4e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block;
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 homepage.e8bb1a19.js Show response
static-tuko.akamaized.net/tuko/js/ 2 KB
1012 B 20ms
19ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/homepage.e8bb1a19.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3899bbb7a41b6adf047339ac74d4cab3f9dccf3fb31d7bcb0a7307434c786ff0

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:12:43 GMT
server: nginx
etag: W/"6205013b-6f0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 819
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 email-subscription.939956a6.js Show response
static-tuko.akamaized.net/tuko/js/ 9 KB
3 KB 19ms
19ms Script
application/javascript 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tuko.akamaized.net/tuko/js/email-subscription.939956a6.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0aa41e61b0e41ce70f2a6c9a79ae9e87602b06f1a2f521524488d88f9af42288

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 12:13:03 GMT
server: nginx
etag: W/"6205014f-23c5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3120
expires: Sun, 12 Feb 2023 18:34:52 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 51ms
21ms XHR
application/javascript 99.84.85.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-85-10.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:27:08 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 47265
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: oPaOYXKJAXuVzq3FQ-AutRxuJZDvEz1fkRhc4wtO-PLy2-rpEUwvww==

GET
H2 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 16ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Feb 2023 17:20:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 206 B
148 B 38ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tuko.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0d4cc9d7d1e61b3fd9460ba78b0307f182ee3ee4825a38de5a329fbebd139604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:34:52 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 14ms
14ms XHR
text/plain 99.84.85.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tuko.co.ke&pubid=1e2a5982-651d-4e7a-a1d1-465985a0dfb0
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.85.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-85-10.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 14:09:25 GMT
via: 1.1 22a1b3c2f1a7b6d72ce563a230b92a90.cloudfront.net (CloudFront)
server: Server
age: 15927
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.tuko.co.ke
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: FztwQCEsQkoM5Os0N47wKQFcSGBq8ZifYYWirWNYxPQAhxp4M_P_AA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 71ms
70ms XHR
text/javascript 99.84.85.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tuko.co.ke%2F&pid=fCjijt0r0d8NY&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1489748543596-0-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_02%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1489748486636-0-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221000x90%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_01%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1489759964734-0-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221000x90%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_universal_anchor%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1489759421791-0-1%22%2C%22s%22%3A%5B%221x1%22%2C%22150x150%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_universal_nonstandard%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1623246743417-0-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_web_interstitial%22%7D%5D&pubid=1e2a5982-651d-4e7a-a1d1-465985a0dfb0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.85.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-85-10.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
via: 1.1 22a1b3c2f1a7b6d72ce563a230b92a90.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-C1
x-amz-rid: 3HQC5N4RB7Z3DM2ZCKQR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IYLB_2sRPlq2uHrIJPDlqfXusNVVRxOauiuUNmtI2izHqVBk_aWeDg==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 71ms
34ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/common.e07a3460.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2335
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dbfac7f9fea0f5e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 14 Feb 2022 18:34:52 GMT

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21fe13207060c53a28649a537fcb7e735a5ae3ebd0aa2299ddc64d935471e603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 920 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4737bdcd8bfdb5e74d6cf7e0131e29b4b683381b3e38fa44522e0c5d272f3bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 485 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd475b2ffcb5632f78add9ac28ee3175070075999e1b6fec8fe63e561594cc30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53e5619f35e8752aef5c8633fe76233670dffc63476606dad983ee4210a93114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 746 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 136898fd12e441f6eb90f6bfe7a8aafbc98cc4cabef7d8fa937263bfdf7b8da3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8969e4133721a22bb97093ac56c85257c5f89d8ea231c3926d18b9abb7f4c2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
532 B 68ms
16ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
330 B 44ms
14ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=613968&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221abef3ed031463%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.tuko.co.ke%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.tuko.co.ke%2F%22%2C%22domain%22%3A%22tuko.co.ke%22%2C%22publisher%22%3A%7B%22domain%22%3A%22tuko.co.ke%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A5%7D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222203eef15d5a99%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22613968%22%2C%22sid%22%3A%223%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2266bd2039825024%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613918%22%2C%22sid%22%3A%221%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613918%22%2C%22sid%22%3A%221%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613918%22%2C%22sid%22%3A%221000x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221013040cef4ed75%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613967%22%2C%22sid%22%3A%222%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613967%22%2C%22sid%22%3A%222%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22613967%22%2C%22sid%22%3A%221000x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 86c3f546f842c81d32f7a47277ca63cfa4cb9873597c34d3196ce1b4f2a35f9c

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:52 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.31], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.tuko.co.ke
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Fri, 11 Feb 2022 18:34:52 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
312 B 35ms
9ms XHR
application/json 18.185.181.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwww.tuko.co.ke%2F&tmax=3000

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.181.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-181-98.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:52 GMT
x-auction-status: 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 339ms
44ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.9.0&cb=31930711624

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
696 B 68ms
33ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:52 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4568346a-3db4-471d-976c-d1e3582dd4b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.tuko.co.ke
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
911 B 117ms
95ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU1FDX19
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9855c97b168ca12c4b926150edbf3665456d8fd130c8630acb982abda9c5d19c

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 56ms
10ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=3883:uniques_instantly[url:%2F,domain:www.tuko.co.ke,page:Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke,page_type:main,language:en,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36,device:desktop,browser_version:Chrome%2098,browser:Chrome,depth:1,user_type:new,user_id:79b0e2317.6d20228a5_1644604492770,session_id:26d638648.e142c5556_1644604492773,cdn_version:82]&s=5d785ab6bc6a47ec1c1296ff05c4cce1&1644604492791
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:52 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 54ms
10ms Script
text/html 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=11&holding=e3155c435e925683dd022a3f2070aae6&hash_user=79b0e2317.6d20228a5_1644604492770&1644604492792
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:52 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 50ms
10ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=3883:visits_instantly[url:%2F,domain:www.tuko.co.ke,page:Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke,page_type:main,language:en,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36,device:desktop,browser_version:Chrome%2098,browser:Chrome,depth:1,user_type:new,user_id:79b0e2317.6d20228a5_1644604492770,session_id:26d638648.e142c5556_1644604492773,cdn_version:82]&s=5d785ab6bc6a47ec1c1296ff05c4cce1&__io=79b0e2317.6d20228a5_1644604492770&1644604492798
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:52 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 45ms
10ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=3883:pageviews[url:%2F,domain:www.tuko.co.ke,page:Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke,page_type:main,language:en,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36,device:desktop,browser_version:Chrome%2098,browser:Chrome,depth:1,user_type:new,user_id:79b0e2317.6d20228a5_1644604492770,session_id:26d638648.e142c5556_1644604492773,cdn_version:82]&s=5d785ab6bc6a47ec1c1296ff05c4cce1&1644604492803
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:52 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
461 B 53ms
14ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3-Q050 200 49abcb0724cff513.jpg
netstorage-tuko.akamaized.net/images/ 5 KB
5 KB 149ms
59ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/49abcb0724cff513.jpg?impolicy=cropped-image&imwidth=190
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c620355529ba0f43b89ffea738dfd9b0eb353efdb2d8bf5a013a893193041130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
x-check-cacheable: YES
x-serial: 1176
etag: "930365d6493f06d4ebf670cc59e39e43:1644599306.422898"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
last-modified: Fri, 11 Feb 2022 17:36:53 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5127
server: Akamai Image Manager
quic-version: Q050

GET
H3-Q050 200 4e786c2c634b3c27.jpg
netstorage-tuko.akamaized.net/images/ 6 KB
6 KB 179ms
90ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/4e786c2c634b3c27.jpg?impolicy=cropped-image&imwidth=190
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d55ea24ba2f38d57d48d85a86e090fe32b0586e800aae6c9b59b51fbd05d176b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
x-check-cacheable: YES
x-serial: 1844
etag: "0b32ae5fdd23d1e1207fce34c94682ba:1644580034.323126"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:53 GMT
cache-control: no-transform, max-age=31622400
last-modified: Fri, 11 Feb 2022 12:19:55 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5860
server: Akamai Image Manager
quic-version: Q050

GET
H3-Q050 200 a3b5921344d33203.jpg
netstorage-tuko.akamaized.net/images/ 6 KB
6 KB 147ms
59ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/a3b5921344d33203.jpg?impolicy=cropped-image&imwidth=190
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9eb23196fa2b7e64438aaefce86696c41bf7cf3d562ce497fd477c8122a5b807

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Fri, 11 Feb 2022 12:54:30 GMT
server: Akamai Image Manager
etag: "6529459905016404ddae4847deb8a390:1644583336.235195"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5645
quic-version: Q050

GET
H3-Q050 200 c03a990b546174e2.jpg
netstorage-tuko.akamaized.net/images/ 7 KB
7 KB 148ms
60ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/c03a990b546174e2.jpg?impolicy=cropped-image&imwidth=190
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 66f4280d902136ce168d93fb3c1ff83f7045b65fe7a4440ac33009543bfb7dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Fri, 11 Feb 2022 09:50:16 GMT
server: Akamai Image Manager
etag: "5e26b9f0b38c35cc64b05b99952badf6:1644567653.458776"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6673
quic-version: Q050

GET
H3-Q050 200 ece1f383d0f39317.jpg
netstorage-tuko.akamaized.net/images/ 10 KB
10 KB 148ms
61ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/ece1f383d0f39317.jpg?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e5a1aa9b2d011d99e54b76f87c7b0632d67299a9a9cc6960c86f5ffd966afe5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Fri, 11 Feb 2022 09:04:09 GMT
server: Akamai Image Manager
etag: "bba39a9db44dbaada6cb7ce73d3e9041:1644569480.024736"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 10484
quic-version: Q050

GET
H3-Q050 200 8a33b75b1cc8fc3a.jpg
netstorage-tuko.akamaized.net/images/ 13 KB
13 KB 150ms
62ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/8a33b75b1cc8fc3a.jpg?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f175f0ccb96cdd20a1c2a0279d2178d8a08f6706b95d87a41f5fde48e66b5f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
x-check-cacheable: YES
x-serial: 178
etag: "2206ed8c1179148b7fbabf8c9c410d83:1644553226.954607"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
last-modified: Fri, 11 Feb 2022 04:29:06 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 13235
server: Akamai Image Manager
quic-version: Q050

GET
H3-Q050 200 0f3598212a748453.jpg
netstorage-tuko.akamaized.net/images/ 8 KB
8 KB 149ms
61ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/0f3598212a748453.jpg?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b7fe51ae7bc9ac3de3c82dc746b55c8f4e28998084e482cd85b943ed013a90fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
x-check-cacheable: YES
x-serial: 1789
etag: "33ec9510423878e5375224d6b2283786:1644506523.56146"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
last-modified: Thu, 10 Feb 2022 15:31:14 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 8394
server: Akamai Image Manager
quic-version: Q050

GET
H3-Q050 200 0fgjhs5t7dsmc7jvl.jpg
netstorage-tuko.akamaized.net/images/ 8 KB
8 KB 152ms
64ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/0fgjhs5t7dsmc7jvl.jpg?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1356a85ba087399c06c0e8b38e79360e5fa6f4f3b00ac81cb76525704fb031f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Fri, 11 Feb 2022 03:58:04 GMT
server: Akamai Image Manager
etag: "a961bd113d29cd6168b9194bcb68619e:1540852375.829372"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 8387
quic-version: Q050

GET
H3-Q050 200 bfa8056fb5af5061.png
netstorage-tuko.akamaized.net/images/ 28 KB
28 KB 152ms
65ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/bfa8056fb5af5061.png?impolicy=cropped-image&imwidth=720
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9f9bc2ec405123b1f0e2bdd0b829828acdf854f97b1b905ced62ab1ee1ec2f38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
x-check-cacheable: YES
x-serial: 1035
etag: "9fe3eabd335d748124c961b93580d536:1644474578.660847"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
last-modified: Thu, 10 Feb 2022 09:56:52 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 29066
server: Akamai Image Manager
quic-version: Q050

GET
H3-Q050 200 4e4c1c063a6f0226.jpg
netstorage-tuko.akamaized.net/images/ 27 KB
28 KB 152ms
64ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/4e4c1c063a6f0226.jpg?impolicy=cropped-image&imwidth=720
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: cd2ccfb9b183d5537c0b222f02635b344fdb3c085f30c9374c5536565f21f35e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Thu, 10 Feb 2022 11:56:38 GMT
server: Akamai Image Manager
etag: "2d00d58fb80aa8802261b4cfda722763:1644493781.955325"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 28133
quic-version: Q050

GET
H3-Q050 200 ac74eb29e5fec454.jpg
netstorage-tuko.akamaized.net/images/ 31 KB
31 KB 156ms
69ms Image
image/jpeg 2.16.107.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/ac74eb29e5fec454.jpg?impolicy=cropped-image&imwidth=720
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.16.107.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-91.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 32e2e5bdbec61650fbada4bc67cde4b3a31db87980831fe8dc2b2b1d39aee069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
last-modified: Thu, 10 Feb 2022 09:34:41 GMT
server: Akamai Image Manager
etag: "bc527b4987e034c35ff10ce9f56d2040:1644485275.339882"
content-type: image/jpeg
expires: Sun, 12 Feb 2023 18:34:52 GMT
cache-control: no-transform, max-age=31622400
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 31281
quic-version: Q050

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 37ms
9ms Script
application/javascript 18.66.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-34.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 25057646
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: k2FsRo-thQEVLEng0BlEXWqPuoGmNiRG3f_w0Gk2QkfsFKRLBUKWPw==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e915fb00cca9176d6e368265b6bc139aaf5b0080f9c407f974daba6c3bdfbb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 80x80.png
media-tuko.s3.eu-central-1.amazonaws.com/custom/awards/ 22 KB
22 KB 64ms
28ms Image
image/png 52.219.169.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-tuko.s3.eu-central-1.amazonaws.com/custom/awards/80x80.png
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.169.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18832be36bd90eb84d6120a0c192f3d734af4eb7795206ec1c33d03599c5274b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:53 GMT
Last-Modified: Mon, 13 Sep 2021 11:22:18 GMT
Server: AmazonS3
x-amz-request-id: KS48YMXP0BT9RD7B
ETag: "7480c01218f876dd1786317b8113aa76"
Content-Type: image/png
x-amz-version-id: 7k4jchOS8H7Uikw3ag0y6O7lxITOzfg8
Accept-Ranges: bytes
Content-Length: 22493
x-amz-id-2: fIbC8VkMyN8nd+iYvUPEbgmWTWVyfTl5OSlc2jlZk6jVlMt/cZ5H7aoSkrb9jpqS0H3A4qjnQAc=

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 54ms
31ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1837
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dbfac807f2f59d1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 14 Feb 2022 18:34:52 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 60ms
22ms Image
image/gif 99.84.88.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke&time=1644604492879&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.tuko.co.ke%2F&random_number=9842938270&sess_cookie=21b920a817eea110c4e9a6d59f7&sess_cookie_flag=1&user_cookie=21b920a817eea110c4e9a6d59f7&user_cookie_flag=1&dynamic=true&domain=tuko.co.ke&account=XVumr1WyR620WR&jsv=20130128&user_lang=en-US
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 03:50:20 GMT
Via: 1.1 ae3f020e2e89e632d339db198e9ba75a.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 53073
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: MUC50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: hFgRXibqBXvjjVwyGcOslWFQvHiMW1nslhUEc3wubravk3iuRW76PQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 526ms
162ms Image
text/plain 2600:1f13:57e:7b01:8aeb:562e:2487:980f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:57e:7b01:8aeb:562e:2487:980f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
server: Server

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 84ms
26ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61484401-1&cid=1373788806.1644604493&jid=1469111194&gjid=76532795&_gid=1410388598.1644604493&_u=YGBAgUABCAQCAE~&z=915220171

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 18:34:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
22ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1316552854&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuko.co.ke%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAUABCAQCAG~&jid=1670775701&gjid=2132894725&cid=1373788806.1644604493&tid=UA-90901011-1&_gid=1410388598.1644604493&_r=1&_slc=1&z=810643802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
14ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1316552854&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuko.co.ke%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABCAQC~&jid=1469111194&gjid=76532795&cid=1373788806.1644604493&tid=UA-61484401-1&_gid=1410388598.1644604493&z=648265704

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 02:57:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56213
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/25e25a54-5759-4a92-9375-e0f74209e79b/ 5 KB
2 KB 28ms
27ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/25e25a54-5759-4a92-9375-e0f74209e79b/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99665ecc1c7815d7e8721bdc75cac4179ba150214d6c4920c11c137f39139d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 622
status: 200 OK
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 407ec684-2222-4feb-89d2-2051dbc6ee41
x-runtime: 0.019414
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d99665ecc1c7815d7e8721bdc75cac41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6dbfac811b470f5e-MXP
access-control-allow-headers: SDK-Version
expires: Fri, 11 Feb 2022 19:34:52 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61484401-1&cid=1373788806.1644604493&jid=1469111194&_u=YGBAgUABCAQCAE~&z=532663131

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 56ms
32ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61484401-1&cid=1373788806.1644604493&jid=1469111194&_u=YGBAgUABCAQCAE~&z=532663131

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 10ms
10ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=336:uniques_holding&s=5d785ab6bc6a47ec1c1296ff05c4cce1&__io=79b0e2317.6d20228a5_1644604492770&1644604493043
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:53 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 169ms
32ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tuko.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 168ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tuko.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 146 KB
34 KB 606ms
606ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1943894368639254&correlator=2588391214209718&output=ldjh&eid=31063871%2C44756432%2C44758227&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=76590364%2Ctuko_02%2Ctuko_01%2Ctuko_universal_anchor%2Ctuko_universal_nonstandard%2Ctuko_web_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=320x50%7C300x250%2C320x50%7C728x90%7C970x90%7C1000x90%2C728x90%7C970x90%7C1000x90%2C1x1%7C150x150%2C1x1&fluid=height%2Cheight%2C0%2C0%2C0&ists=1&fas=0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C&eri=5&cust_params=section%3Dwww%26platform%3Ddesktop%26page%3Dsite_index%26screen%3D1600x1200&cookie_enabled=1&bc=31&abxe=1&dt=1644604493113&dlt=1644604492504&idt=346&frm=20&biw=1600&bih=1200&oid=2&adxs=479%2C436%2C436%2C-12245933%2C-9&adys=496%2C213%2C1110%2C-12245933%2C-9&adks=3862071540%2C109533800%2C2014753589%2C4137496984%2C3066375648&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.tuko.co.ke%2F&vis=1&scr_x=0&scr_y=0&psz=667x306%7C1400x126%7C1600x-1%7C1600x12057%7C0x-1&msz=324x286%7C1400x126%7C728x-1%7C174x36%7C0x-1&ga_vid=1373788806.1644604493&ga_sid=1644604493&ga_hid=1316552854&ga_fc=true&fws=4%2C4%2C512%2C132%2C2&ohw=324%2C1400%2C0%2C174%2C0&btvi=0%7C0%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7f1ec19d4a0d2ea57b6ff3e43796bcba04f060a79005b69db314fc99a28a10c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34504
x-xss-protection: 0
google-lineitem-id: -1,-1,5863408003,5895713439,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138375825545,138379323310,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A6F9 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 11 Feb 2022 18:34:53 GMT
expires: Sat, 11 Feb 2023 18:34:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022020801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

6585ad79553feebae65872466c71015c90f93d523c48a4cf620c73548c65d8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13021
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Feb 2023 21:26:27 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
696 B 30ms
30ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:53 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b90a6506-f482-4de5-8d2b-011e5c0ea540
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.tuko.co.ke
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 39ms
39ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.9.0&cb=5069463608

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 18:34:52 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H3 200 prebid Show response
prebid.media.net/rtb/ 1 KB
698 B 134ms
126ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU1FDX19
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6bcd9d48b32fc5b113d6d0937ff778cd0452df8ee7066caedb3096ef6c3c7fce

Request headers

Referer: https://www.tuko.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 67ms
67ms XHR
text/javascript 99.84.85.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tuko.co.ke%2F&pid=fCjijt0r0d8NY&cb=1&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1489748620545-0-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221000x90%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_03%22%7D%5D&pubid=1e2a5982-651d-4e7a-a1d1-465985a0dfb0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.85.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-85-10.muc50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
via: 1.1 22a1b3c2f1a7b6d72ce563a230b92a90.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-C1
x-amz-rid: RYXJKVCWGANM0676QVZF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vsAIM2vdpEtAnsMJGqKPjouSVfk3uk06uMPMLEN2wBawWrv8_aNdNw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
19 KB 270ms
269ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1943894368639254&correlator=229989978047076&output=ldjh&eid=31063871%2C44756432%2C44758227&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=76590364%2Ctuko_03&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C1000x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=5&cust_params=section%3Dwww%26platform%3Ddesktop%26page%3Dsite_index%26screen%3D1600x1200&cookie_enabled=1&bc=31&abxe=1&dt=1644604493275&dlt=1644604492504&idt=346&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=2014&adks=1362856384&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.tuko.co.ke%2F&vis=1&scr_x=0&scr_y=0&psz=1400x11176&msz=1400x126&ga_vid=1373788806.1644604493&ga_sid=1644604493&ga_hid=1316552854&ga_fc=true&fws=4&ohw=1400&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cf50a2bb0cee5f99429181abfa4a0eba4c262e710dd4d678de1e94223063b4eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19756
x-xss-protection: 0
google-lineitem-id: 5863408003
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375824243
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 43ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8048f97d109f70c7e7c8ad6dbfecf6e5b0928c4dcf66fd202e5bf5c755f90238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9739
x-xss-protection: 0

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

274 KB
75 KB

138ms
59ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6f799ead86d469a5110b8fd9063eb44c71b226fa28a8165686e41a273ceba111

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1644604493613821-12321402858604822586-man2-5717-4d4-man-l7-balancer-8080-BAL-6219
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Feb 2022 19:34:53 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:34:53 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/context.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1316552854&t=timing&_s=2&dl=https%3A%2F%2Fwww.tuko.co.ke%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1187&pdt=4&dns=29&rrt=24&srt=161&tcp=64&dit=395&clt=486&_gst=313&_gbt=489&_u=YGDAgUABCAQCAG~&jid=&gjid=&cid=1373788806.1644604493&tid=UA-61484401-1&_gid=1410388598.1644604493&z=1356442818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 02:57:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56214
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1316552854&t=timing&_s=2&dl=https%3A%2F%2Fwww.tuko.co.ke%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%2C%20Kenya%20News.%20Today%27s%20latest%20from%20Tuko.co.ke&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1187&pdt=4&dns=29&rrt=24&srt=161&tcp=64&dit=395&clt=486&_gst=313&_gbt=489&_u=YGDAAUABCAQCAG~&jid=&gjid=&cid=1373788806.1644604493&tid=UA-90901011-1&_gid=1410388598.1644604493&z=624204490

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 02:57:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56214
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1492ms
1455ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:34:54 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame B8A4 19 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:30:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B8A4 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:34:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8A4 124 KB
38 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B8A4 0
0 35ms
18ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI6kCM_HCQnWG577an_FOAZucUmz2LuKR4x3A6PnHRnM-lCUraR1KwrKp8v1jjnNHDaTsdR-DWeQ3sLcxpRgpL1ts0ig
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 1571657937511512223
tpc.googlesyndication.com/simgad/ Frame B8A4 348 KB
349 KB 8ms
8ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1571657937511512223

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46a8f8f5d91cd8e83d9fcc7335cb1e4742d7e77a65cbf267de35b935a340ae3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:44:38 GMT
x-content-type-options: nosniff
age: 240615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 356518
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 09:32:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 23:44:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8A4 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx1P7zNaqJhsFOgdgzS4sWn3t7LKu3S4u6GDz7qMaGE_Hd3DO7XELvzL7EA6wztV7EDMWvFdeN4qFEcO5IqMEkeEHRDCu7bqO0ElZTZGuWjdeHZ6I2EO_RDftIJZpbfCX1VvQyzeBHrSi0902_pzMUS4FzCiNQScXEQtAkDaErLpA8YpvlHZ2ZeE6RaT-zJZfv6oOnm_zj6-5rjKgLXYq-CyN4b5UYFO3sxRxZJ0hK7_M08qf0iQk4_XInZUzByspWvp_Y4aBjXXRn0jCRNKROWYDZX7E9QBB85IoM53BJS_Dk&sai=AMfl-YQ6S7k4T4hC6h-q7WTLXmfZOcNsfmyqSfnrrHJo2vdFNPqy1SkSGmwNs-Bi_khMpSKFqjX4uqxzbug6b0AGtOj4K1wfn7shAggcapdjkmsBtFbqvYxCMpKwZTyL8Snt&sig=Cg0ArKJSzASGAmHH3rCIEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8A4 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM2zkG1hNSHJNBJt3yekoQl34Xj8zxTwCJJT20xryAzazbCefVtJXUSNJly4xk8ma3M-Fe9ZDLk94glVmzBD2XxVLGLUYdIvDW8VxFgqmWYaEj66zehtDvxzUtiZwi3u6TjxvhSRtJgvRC08XGapgee33DxZlH63G8A-FmtKAdMCNQnIvmF0lsjEoBREwX8dEAwdrH-HVi7ddfql8G3uosEqtCkDCIeVzU-PYvhZQcAOKvurY69dDk0zy20eCGtSu-rNOX5o7e6Bqhp6IlmWXRzrY-GDnL3tEpe0aYLDl8uz6guWc&sai=AMfl-YSXHh_pDp3TZpUlst-xpGwrIvsGagKpR3JjpmMaku7YhiGN6s39foBHVEFK5ud1SLP4A6l6k0os0rvXbojN3laLguh7TO7gw_8VGjxQZjYYrEG_CwskpY9xzDtOIlQa&sig=Cg0ArKJSzPvUal1jLr03EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
DATA 200
OK truncated
/ Frame B8A4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe6af7bdd59609675b0a366bff661fc68ac73d285ca7c9c1899bcfb0d0936693

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022201141909000/ Frame FC6C 220 KB
61 KB 70ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1c83c5e669e3486e86fcc5db9fb1cd93d6c141aa4411a8b289e36c7dd38113

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61561
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3986e19260f1a320"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 22:49:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022201141909000/v0/ Frame FC6C 16 KB
6 KB 79ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 22:49:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022201141909000/v0/ Frame FC6C 96 KB
29 KB 80ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 22:49:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022201141909000/v0/ Frame FC6C 5 KB
2 KB 84ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 22:49:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022201141909000/v0/ Frame FC6C 42 KB
13 KB 83ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 22:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 22:49:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FC6C 8 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 17:41:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 18:34:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FC6C 2 KB
2 KB 25ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 84905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FC6C 295 B
319 B 24ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 46279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 12 Feb 2022 05:43:34 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame FC6C 43 B
1 KB 77ms
20ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=30854-gaw&extLi=16073138603&rnd=3515510449

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 11 Feb 2022 06:34:53 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 11 Feb 2022 18:34:53 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.tuko.co.ke
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1645
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FC6C 0
0 55ms
54ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx2vfTawGYoHPDNqd-gbQyoSwBvaB9qJo7IWv4oQP29keEAEg3LznPGCV-vCBjAegAbv7wtkDyAEJqQJVRqiZDyGzPuACAKgDAcgDCqoEggJP0FifrRgK-i-V18EnXzplQDRhrTLVeAU4CRJnc2ElvftyI9IHqLbMvqQQSnWopcnsAPqR_TONkE8MeLvWx562jWhNKK-mi9aQvId82Q6vFZjYZc5JFNneCNoowvDNVTAWSlbg6sGrKJ2kX0MRnWmWUaLA8eEEQkoJiVB_DZYvd1gBVzDxETPZ8u3YvX2JCJlFVTZ3crv7Qc3kTZP15zSM9YsA3IyhbeWpGrIp1fWVhYL3uYWWeKRMYA_GNFqVKqbpKUvTl1xsfjnvukMZsQwDn3pODkAN-4N1t03kf4xaeCcNxq8t0nWlA-K7-A0jAL4BFpFUMrKn61vp32PxnULma_bABJWNgpPtA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAehgI4kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQvY0X0ggJCIjhgBAQARgdgAoByAsBuBOIJ9gTDYgUA9AVAYAXAbIXHgocCAASFHB1Yi04MDk1OTM5MTk5NzY4OTY2GKzJHQ&sigh=xTYVioWdNVs&uach_m=[UACH]&template_id=5000
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 container.html Show response
c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B913 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 18:34:53 GMT
expires: Sat, 11 Feb 2023 18:34:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FBFA 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJQa8k7Nb7P8GsmiiZo12N10CWlEOl6Yrc7NzIXtHmrng1Inuq3jc9BtXUknvayvlXUprkKT0lleNJJYmrOWHtGxUtmMhMCrzUc5jJ2sd7x5mN2I5yH7fgN7tMrid871SA2_14lIBwbGNhMlJHLyKXDZUNpRdR_VeDlLvgM6EXDVUEFv0htGjvjLQWQxiij_dkduLe89wYqhNeD8bRTYCbKR0N04_HnmrFalLix-74_vz0gAqq4eC6Slxq2uZBRpB02n3E22Y_7PCYpGZZZlYxmX0TrmwfzXtcsByM8ULRd2s7WBT1gUltNE2bUlb4iEs&sai=AMfl-YQB9SbOKIQcftQH0F2N6mmrndZc17RbPRrhhBY6XdBBImRx0HdehKMVe-AKPVml_pYKKRGjbbHAvtZ9hEFInQtx9-Erct3ckNfL5dLYjrD6_tMRsWHi7KFCjh_3xwiC&sig=Cg0ArKJSzLVCgUoWYeCMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame FBFA 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:30:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame FBFA 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:34:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBFA 124 KB
38 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FBFA 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQidk-s1HkjGRF4JBs_Hzg5AVNPDmkgA0Ptu6Pn8QTL885kmymC9zvkvskLnioeSx356k3BFJ6hSM2B6thcD9OPndWMwg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 10394582023864558001
tpc.googlesyndication.com/simgad/ Frame FBFA 280 KB
280 KB 9ms
9ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10394582023864558001

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcff8185acb06b9c0dfcb870b8563bf8b44143e88c95b27427fa68a82b8479ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:57:06 GMT
x-content-type-options: nosniff
age: 272267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286896
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 09:32:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 14:57:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C10 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmDu3FBM1ty3R3gflKQNuPrhrxgl_RABdILIfCYG92qh_Hg8UG9ljRIqCHvS22Ei0SA3FFC0yzwc1b9xKzONyMGuT4-Y_oPbpOntiaj0sxUesUo2PhtDDJTCNLaE18a0rts6M4GfOND5LQEJ22HuzIeoAVpnFzc9bQcmbHwfu3DCBrUkzD3T5roKPysu9X4YGhWAU5T_yMKjwbQ8jhcyNkJTtSDSFqPH-3XyrKuPQxg7EaiGRC1b3udZxGnkjR_SC9s0Wr_ieFKYynSmQKJYYRgF6r2_LKJYl7Vnjl8cTQUj_6AW0b63tgrLuDT6Lpupz0bEQNntETWw&sai=AMfl-YSkQNVN0YTO0pB8xuNLzUZddjLWkv2x6sw8cZ0nnpeLN-stMs2RzdHz0oxJMI7AXJdKe85aF5umpgWluAz2GSrZtfJOzCbCA1i0IUKSTkNoqrWxMPuiY7UgmF0JYPcl&sig=Cg0ArKJSzByGi_ZxwFmOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C10 124 KB
38 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H2 200 d0722cd1b0ba547b75ab.js Show response
yastatic.net/partner-code-bundles/54453/ 13 KB
5 KB 106ms
38ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/54453/d0722cd1b0ba547b75ab.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3d5b526065ffe8b78c319b053b8e0139f19fc6994d68eccf6706b33fb074e17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4458
last-modified: Fri, 11 Feb 2022 16:16:45 GMT
server: nginx/1.17.9
etag: "86f233a4d17a58d3bb66024ef0acf19e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2052 01:09:36 GMT

GET
H2 200 1c009f0654379ac98a02.js Show response
yastatic.net/partner-code-bundles/54453/ 80 KB
17 KB 134ms
68ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/54453/1c009f0654379ac98a02.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

02bf65d2e748bef5b97bb63d4c5a1ed92d00677f45e3543741538ad96d1d7a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17002
last-modified: Fri, 11 Feb 2022 16:16:45 GMT
server: nginx/1.17.9
etag: "9df023337a2986bc5731490e4e859332"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2052 01:09:36 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 184ms
118ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2052 01:10:48 GMT

GET
H2 200 6603fe7617aecbb05078.js Show response
yastatic.net/partner-code-bundles/54453/ 597 KB
122 KB 149ms
85ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/54453/6603fe7617aecbb05078.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

857663ab9e81ddc4dd10b6ad25f3baa25a5aadf75c8c08a83838322e80071595

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 124047
last-modified: Fri, 11 Feb 2022 16:16:45 GMT
server: nginx/1.17.9
etag: "250d7949859b88f7943bc1e1d52788d0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2052 01:09:36 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2983000883772606763/ Frame FC6C 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2983000883772606763/downsize_200k_v1?w=400&h=209

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd23cdbbbcaf7c2a8603d3c012c4c31d82a865021482c0e1c506bcd0cfa9b0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:11:39 GMT
x-content-type-options: nosniff
age: 184994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18790
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 08:50:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 15:11:39 GMT

GET
DATA 200
OK truncated
/ Frame FC6C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FC6C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FC6C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3e73853a87d7bb031f8b9786756221e21912aca38d6656c17d416a5658835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame FC6C 28 KB
28 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tuko.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 260424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:14:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C10 0
0 41ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAlgYjGb0vrK67kN__ZKcIsbLa6pBNVgoeUUaXoFHOAWxhOczPT_7KWlC--8Oc9ZWuSJdZuXbVUsl6N9bv6W1FFhy-mUMhQtZ8GJzCJJmGByDcBaJHd-LkmGpt39Yj5h45c9vc7aft7d7KMbp7_yFzZQIQ6JLrAnS42wcWxc7Wb1FE5nJD4hhO2-JoOR3WBdILYQtdmKNU46b3Ht1AJFc5xSc5Yuw4NlH8smwiwWgzEHfdnGsgu8VW80QoA6jDaRjBpX3GCdCVqw-LqIdVKfN_x7agqa-uT-IkfDHpS3nTpWGslyZuaH6DOYpZZsegcyAAqz0Sfcav4SSu&sai=AMfl-YSmVeJ1N35786P8cVabmx3CYsSevZLpmkTmF89NyHsygmC6hXnk9Q5Na9Pwb1HbqLscrPJJrTPGAOribw_4Q1azt2utJx4oq-AOBkq4dvbFHk17caVw1YzrjMOSSRYE&sig=Cg0ArKJSzKU9IK1hDMGWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FBFA 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskwedZBP2JNeQZYDEDsTB9gdCTKL40ub0qr7cLw712cixFK8POedaT6el3Y7gsLnssXtGvhKyilTDec1KPGJUx2sX6I6KhebEdw3qufapmh3wobsAKqRBrNb9xQWW8smBjkDic0-_FTMQc4GyDal8_VeptsYFh9nHu6t0ThhTv19znaW6CzfjWn_uFFJ5NSzBy1XVhROIkb048toTlyvtWjr64ekYjlp_k4mGdauiwYks3vOpv3WpsBlVLDzwOjfok9pnCQT3I-_IXJUJdA2x5_XCTt0p0hbQLAzJTOoXv1bTm-kxast12RxZ67EIkeWRKEA&sai=AMfl-YQnS1_SKd3zqjzHV5lR-1lYfaTBByu0FNAsogvumu6DWlZo4tb4Fdg-Ve8iC-vznZMM39gBhYf0bC2CtH6aKigwQ8esUIsY5d7Z7IM2nsD2EgBRMClkwJdCqZcJOWCx&sig=Cg0ArKJSzCb1VDYuOig7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
DATA 200
OK truncated
/ Frame FBFA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6306a712e2a06714c3f12ea0c79eecc18ade46b34823ae7afb6a348fbf590bf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B913 0
0 47ms
47ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTldwTawGYsvQDNqd-gbQyoSwBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzg3OTU1Mzc3NzM3MDk2MaAB1bbS6gPIAQmpAlVGqJkPIbM-4AIAqAMBqgT5AU_QQLtQGCopUDpq05Cy8lvl4jfJrr98SWSMzOSTfX8pN52D5IbPVMNN40mHU97zW0_q20Lrsxu57aWoEVVZwk33RATH8m3ipnDXqc-XUZf_evdJxDxBvS_mCqoTvo8ABOm6lcINWuF3QD_kq8dEk5uA9VtCjvbiLXn9bX6qM0b6P6-ipI7c6E6EWrC4UqVZXDDOE0AAZOOp6iGaPH8Cq4eFYuKW9qqXTXWhTqrUulNzhlbyoCZhyb59u_jsPCw5LtK75IY2RAyhi3MX7lDpd-BKLhlfn36KZeoCzwdVRZxikbxRZscQdPwWpIxS6XdA_UTmvH0gVqPatOAEAYAG18WPkZrImfKQAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4Nzk1NTM3NzczNzA5NjEYrMkd&sigh=y1U6xnb5IWI&uach_m=[UACH]&cid=CAQSPwCNIrLMpuzwZ-6dj7-6tBi2LC2O9CtrlFgw0bGVRng7DkDYazEH21fHj26a3jyBjX-Xgx1Vd5npAojFGkTXHxgB
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame B913 0
0 74ms
22ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UM-wEsg12AVanYNiAgIAAABW9kgu86ISKxBMrAZiI99G51piAFno1KIAEg&wp=YgasTQADKEsK3o7aAAElUKxaXShDr8JVxkN0NQ

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 292678
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5AF9 43 KB
17 KB 71ms
24ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YgasTQADKEsK3o7aAAElUKxaXShDr8JVxkN0NQ&u=%7Cmdzgi9uH7qxdb0INvidMifFk0IBzU7rNCOOi6NhvPZE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOU5AMaLM1svmhOPUwziPtPUxy_vcdHm499oHcrEl8yasP-6o34O5WlBtawamP4Efxdx0hmrGsLhK7Tze4ChOJuUFln1_O8JfDndG2bm45MSqNv3Ck5tnVGgChytcKqyQ2Zq5GdyVX1gAp5551-u4cLVtL-Y4xqIY-5dlhBZb4qYfCgmzbN3g0G-l-pukA3ZUAZDWYqSRlH2vNL2OWp-q2aDrNLCPFDHH9RmB5znGS11GuctffEMEqo6EpOa1ZP4DyeDeb-YJhGevtPOpTU5_HzqV0cFUZOdKbKXfWUsVOAAJXyP67GUt1IVfCklUTvtA7jo67cqhtdCekrVkkHurow8hwZkeAXp-0_ycUCECDV5713_O6hKjirIM3-1LmU7g0or7tQSaTJdy4eLiudGdDJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPdNuTawGYsvQDNqd-gbQyoSwBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzg3OTU1Mzc3NzM3MDk2MaAB1bbS6gPIAQmpAlVGqJkPIbM-4AIAqAMBqgT8AU_QQLtQGCopUDpq05Cy8lvl4jfJrr98SWSMzOSTfX8pN52D5IbPVMNN40mHU97zW0_q20Lrsxu57aWoEVVZwk33RATH8m3ipnDXqc-XUZf_evdJxDxBvS_mCqoTvo8ABOm6lcINWuF3QD_kq8dEk5uA9VtCjvbiLXn9bX6qM0b6P6-ipI7c6E6EWrC4UqVZXDDOE0AAZOOp6iGaPH8Cq4eFYuKW9qqXTXWhTqrUulNzhlbyoCZhyb59u_jsPCw5LtK75IY2RAyhi3MX7lDpd-BKLhkdnV8Y4mWe3LjJUT-yrBqpb9MawvY4vA7mIUrmD_v4kGWl_CfJC2BsZuAEAYAG18WPkZrImfKQAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OoAm49rtqJzOdFKScKYiIxIeHfQ%26client%3Dca-pub-3879553777370961%26adurl%3D

Requested by

Host: c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
URL: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f3b66c082c5feff0b692ea5d45756073d6d57a5904329e8ad226632fc5d781d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xHFD_AhFoUti99w6-QNTwgIBxfyrYh3Ty9bJgYYMrerAgADuC5FEosXpGJkQi08jKtBj7zYfMTGTSKYJ9hOmI7yj_0FlWjCUWDKNTGmFNHKx3qI9cSDi5DX92RVh2QZc0-Blz0HolAlTwbd2ppb_2WOPW8g5JCGzTVkJa8fnL5Uf1cK3b3zJgHDnHhD1z7k63ofOpAar2rDIcKUutXMODNSzFzVW6d5RbUoz3va62yfTttQkklgtGkoEqUPF94Sl7hvixg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5329579
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B913 2 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
URL: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:34:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B913 124 KB
38 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
URL: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:34:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B913 15 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
URL: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:33:27 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B913 22 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
URL: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 10:06:19 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FC6C 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 84905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FC6C 295 B
319 B 9ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 46279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 12 Feb 2022 05:43:34 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5AF9 2 KB
1 KB 81ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgasTQADKEsK3o7aAAElUKxaXShDr8JVxkN0NQ&u=%7Cmdzgi9uH7qxdb0INvidMifFk0IBzU7rNCOOi6NhvPZE%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SD3_uvb6jZOU5AMaLM1svmhOPUwziPtPUxy_vcdHm499oHcrEl8yasP-6o34O5WlBtawamP4Efxdx0hmrGsLhK7Tze4ChOJuUFln1_O8JfDndG2bm45MSqNv3Ck5tnVGgChytcKqyQ2Zq5GdyVX1gAp5551-u4cLVtL-Y4xqIY-5dlhBZb4qYfCgmzbN3g0G-l-pukA3ZUAZDWYqSRlH2vNL2OWp-q2aDrNLCPFDHH9RmB5znGS11GuctffEMEqo6EpOa1ZP4DyeDeb-YJhGevtPOpTU5_HzqV0cFUZOdKbKXfWUsVOAAJXyP67GUt1IVfCklUTvtA7jo67cqhtdCekrVkkHurow8hwZkeAXp-0_ycUCECDV5713_O6hKjirIM3-1LmU7g0or7tQSaTJdy4eLiudGdDJ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPdNuTawGYsvQDNqd-gbQyoSwBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzg3OTU1Mzc3NzM3MDk2MaAB1bbS6gPIAQmpAlVGqJkPIbM-4AIAqAMBqgT8AU_QQLtQGCopUDpq05Cy8lvl4jfJrr98SWSMzOSTfX8pN52D5IbPVMNN40mHU97zW0_q20Lrsxu57aWoEVVZwk33RATH8m3ipnDXqc-XUZf_evdJxDxBvS_mCqoTvo8ABOm6lcINWuF3QD_kq8dEk5uA9VtCjvbiLXn9bX6qM0b6P6-ipI7c6E6EWrC4UqVZXDDOE0AAZOOp6iGaPH8Cq4eFYuKW9qqXTXWhTqrUulNzhlbyoCZhyb59u_jsPCw5LtK75IY2RAyhi3MX7lDpd-BKLhkdnV8Y4mWe3LjJUT-yrBqpb9MawvY4vA7mIUrmD_v4kGWl_CfJC2BsZuAEAYAG18WPkZrImfKQAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1OoAm49rtqJzOdFKScKYiIxIeHfQ%26client%3Dca-pub-3879553777370961%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5AF9 2 KB
1 KB 93ms
50ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5AF9 308 B
636 B 67ms
50ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 5AF9 507 B
835 B 66ms
50ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
H2 200 /
track.adform.net/adfserve/ Frame 5AF9 35 B
304 B 96ms
20ms Image
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?bn=52745270;1x1inv=1;gdpr=1;;srctype=3;ord=6206ac4dbd23d5a554aea233e5b7691a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 5AF9 43 B
347 B 64ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=IYL_69kPRHMRsLz7fRv6UMO3hQ9pafpNWNAHGQw3VUJIjYXuYlNcqPcMvInlaRQ1LWW68Qu0RuXEUiGj1LuwJ5p_du2EKufKA1Qni3h8E6yHgCwwGj674Mh1hLz-l6dGUFgESZnFjHqe1H9jhXzTrGlh_peBrPf3buZr9shB04nJm71M8Zxl38sQEytWYojcS7V8x0CpUDgcjXax4oyOkXwz5C9hQiD9gKy6AR_iFGC3RARdvC9lLXkZqsZXemzQANLisE2Onu_gOafOT1VHuQDOkUl3t8qdHelBv2RSW1i3ubygTzCqbbtc0ujpqRS-pxSpJGxM8G5mHyhOABXg_gpAwpNEZuUZz8m8KYTa02wS1dsOEKvXdxNuNfVtDFvbDXh4wTJLhwj_29naGkjqfkxuBW-QHCtM8xTEm_iYWbgJvQ6nAQGuJ4j_jA9ikyQ1Mf1eVg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:53 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3194233
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 e734aec425f5471c8d475f8ec9c9d212_criteo_728x90.jpg
static.criteo.net/design/dt/52065/220127/ Frame 5AF9 37 KB
37 KB 55ms
39ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/52065/220127/e734aec425f5471c8d475f8ec9c9d212_criteo_728x90.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

da61bd3cd1757e0df746f12ced87a06eccea074e6485a6ffc477e2fd7508c327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
last-modified: Thu, 27 Jan 2022 08:13:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61f2543c-92bb"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 37563
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
DATA 200
OK truncated
/ Frame B913 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bf4e5cf075dd90aca5f9440332009d9a68463da586098ca4609e4bb41b6fc54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 5AF9 0
127 B 52ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=xHFD_AhFoUti99w6-QNTwgIBxfyrYh3Ty9bJgYYMrerAgADuC5FEosXpGJkQi08jKtBj7zYfMTGTSKYJ9hOmI7yj_0FlWjCUWDKNTGmFNHKx3qI9cSDi5DX92RVh2QZc0-Blz0HolAlTwbd2ppb_2WOPW8g5JCGzTVkJa8fnL5Uf1cK3b3zJgHDnHhD1z7k63ofOpAar2rDIcKUutXMODNSzFzVW6d5RbUoz3va62yfTttQkklgtGkoEqUPF94Sl7hvixg&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Feb 2022 18:34:53 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5AF9 2 KB
1 KB 54ms
51ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5AF9 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:54 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:34:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FBFA 42 B
64 B 55ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9qIxTvryazGUyr_GwDRih6P_4Rjear4Hvzg9g4dvJbMPRR-dlHuPrJiT8piRu8WZjMAFB1t3okr6r0ysb4mRQDUaN3zyodZPoGZEl12uTPI17ZIwa&sig=Cg0ArKJSzCKKx2PVd0zLEAE&id=lidar2&mcvt=1023&p=1110,436,1200,1164&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20220209&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2014753589&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644604493761&rpt=131&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ADAA 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 17:45:58 GMT
expires: Sat, 11 Feb 2023 17:45:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB21 783 B
535 B 16ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

603c091bcde0b9a0e856fed69769b6941d1f19e19c38c99b53ed3c6fc22a220d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cGWj3Go4ZqJs0L8wJnrCRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 18:34:55 GMT
date: Fri, 11 Feb 2022 18:34:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cGWj3Go4ZqJs0L8wJnrCRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B913 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7TRwZ2JebGn6TEEtMAPFU69SPjtBPdjt4tXuGxRPzG89owQzzz91wkh5pvJWm-t15lUdNPjeIHkXDEJ0Ph_h9&sig=Cg0ArKJSzCWEbzS4yRyiEAE&id=lidar2&mcvt=1021&p=168,436,258,1164&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=109533800&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644604493759&rpt=260&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FC6C 42 B
64 B 93ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2hXw-K0JwNMdwpneBvSxo9hSP6P3E9m1_n9fx-sOBi_XUBrbEdkrSE4QojqaoRnj1s9R54sWDxtGO2wQX77C-QNJOwTwg7wAg4EbLGzDBIDQsaK4-_fEW8sDtDjQJeUMR1cv0HEajQwUt&sai=AMfl-YTvkxEGxwGqWUWyJIjC9KHcoXeZAfhrm5LWyZtk2gi70ysXoHZqQ0UrtWFCkEM3XtCdGx8fYbJ3P5BCp0ToH8-Ut8o40BLGhoAWhFlQA2HNUtJxGTKjLwAEgjePpl4u&sig=Cg0ArKJSzKNSYH14R0qZEAE&id=ampim&o=479,371&d=600,250&ss=1600,1200&bs=1600,1200&mcvt=1021&mtos=0,0,1021,1021,1021&tos=0,0,1021,0,0&tfs=306&tls=1327&g=100&h=100&tt=1327&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3862071540

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5AF9 0
127 B 13ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Feb 2022 18:34:54 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB21 0
0 108ms
108ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=1943894368639254&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame ADAA 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:07:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 18:07:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ADAA 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5lUM6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 34ms
34ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:55 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Feb 2022 18:34:55 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 37B5 13 KB
5 KB 71ms
25ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tuko.co.ke

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2592
date: Fri, 11 Feb 2022 18:34:55 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 49ms
24ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:55 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Feb 2022 18:34:55 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 37B5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=tuko.co.ke&sn=ChromeSyncframe&so=0&topUrl=www.tuko.co.ke&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=_FQgtnxiekdhaFliWmc0c1QvVGxyOEpWRVBJdmdnTDI0cEZRVDY2Mk9FRDFiVUhIb25wNDkySEpTbVptRHNrR0FSQmRVZEZMaGw3eFc1V3ArT3pralY5d2hUeUxHd1NEcmFNZHVRa05kcjlLMkpRWXVQckNZd1JYYXdCbm...

451 B
639 B

56ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_FQgtnxiekdhaFliWmc0c1QvVGxyOEpWRVBJdmdnTDI0cEZRVDY2Mk9FRDFiVUhIb25wNDkySEpTbVptRHNrR0FSQmRVZEZMaGw3eFc1V3ArT3pralY5d2hUeUxHd1NEcmFNZHVRa05kcjlLMkpRWXVQckNZd1JYYXdCbmFMYUszeHE2cXIycWhmSEEvUERiVkovSlN5RWRObGxkWlpuTEhKbnlOaEk5dldzWUxybllXYVlXL2N2OVA5WFdhanJMUTdJZlg4Z3Zkems0YW1RTVUrUTFxc2E1L2x5OHRjS1dyR2RoWjZiQmwrdUN6VVNWMzZobHcrNEhRTG40Z0hNV3IrRFJ6Y2lHbTBIK3lhLzZ2R1FtaEJzL2VoQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

464ea5286c0d4ea5777546b65e81aded1f74e48109dfdf95bc02f50bfe056ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:55 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4345
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:55 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_FQgtnxiekdhaFliWmc0c1QvVGxyOEpWRVBJdmdnTDI0cEZRVDY2Mk9FRDFiVUhIb25wNDkySEpTbVptRHNrR0FSQmRVZEZMaGw3eFc1V3ArT3pralY5d2hUeUxHd1NEcmFNZHVRa05kcjlLMkpRWXVQckNZd1JYYXdCbmFMYUszeHE2cXIycWhmSEEvUERiVkovSlN5RWRObGxkWlpuTEhKbnlOaEk5dldzWUxybllXYVlXL2N2OVA5WFdhanJMUTdJZlg4Z3Zkems0YW1RTVUrUTFxc2E1L2x5OHRjS1dyR2RoWjZiQmwrdUN6VVNWMzZobHcrNEhRTG40Z0hNV3IrRFJ6Y2lHbTBIK3lhLzZ2R1FtaEJzL2VoQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1907
content-length: 541
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=1943894368639254&bg=!_v2l_bnNAAbAtJCDwLQ7ACkAdvg8Wif9J26w9W5hTqBbNPh0GcIxjdqYT0FwBMIEMAsBAreWpP95YgIAAAFCUgAAAAJoAQeZAsZZsQrCnxhB5VqZvjN3MMFCkCI6hF9C38kxul1frPWI7OZx9mEZancp2fLedcrvmbFEzJ_M3ON6QGwN1ORX6uKNENNaIs_dFvubECuQ9QWgsPjOOIyMvPPosNsryL4uAxZ5H1Wt4oAQTLmbI6z_PzlZx6taL1iJTTix8LCwprOvvSCU8Rsq0lW2Cerzbl5TbVvVsT8vL-Py4H1IquEYpNYX2ZcXIthM5DMSJ9JkXioh9xemVAXRi81idwHvECSi6j8qbSxSJLhEykhxuTVmw3C6D-0jeYYSY30wLCFGG9lKm0MkLxZr25QA8gUrsCtGjEQsMZ0r_YZY7Gk6N6r1BFe0MJZAcmHHOzQWjXAmW1VzKiEvPI8jJ6Z9X8FmFoO11Hghhiu17JZ8rzsB5X6E0Y35GLwMRbZOe7aJwuCnYDAcmL6hqCFDkIenxeFmGD8pFn_Cw5ACtzl-yJA02VylrKiDKwFCj8wmvnFV80EqacP-FektFN87SqF8VadYRuq8ugMHdCYE0frdLwh5opiO4Nnm3wj6CGnDAK3j0_MrwkkfNpyQIOn1mHA_B04LRvs_CBIAjbNcEnSON7Fw_Zt0PsgB0NCZv1NJuV0srCpFoIOK7mOyPZNI4KECRQ2WG-Gjc4KTQVQZ5SRx29qqecSIO28HyU0tghUX0xAy2lpXAzIWhffGRrRxoWRcbnh7i5TfobN_IifuQgrLRlQxkGbIHYVwa_Cu-g2mWv_QO3o11sYKOT26z1tULI7YGetYV_EgzmP3Z2wmHxcN52oRov6BJ6s3E0M6uKM19Lw9MExRkjj5THBU952tT_k2eKb-KOHzDEj8YRrv8MfEF1GiT70x6if2_l4kkWRHUFhnWRCe-joGCeHBv-fNdx8pBPJrZMe7GuJEzreZv4wR_XX6Jb0JEEVALSjpv5o-L_bZaJEgYSXnzPwjDdlUpw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2C27 2 KB
1 KB 78ms
18ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 11 Feb 2022 18:34:56 GMT
Connection: keep-alive

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 5E36
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

7ms
7ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 01581276e7cb46d56401176f2e005e4a36033a668fc953382fd91456377136b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

date: Fri, 11 Feb 2022 18:34:56 GMT
content-type: text/html; charset=utf-8
content-length: 460
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Fri, 11 Feb 2022 18:34:56 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9A6D 2 KB
1 KB 75ms
17ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 11 Feb 2022 18:34:56 GMT
Connection: keep-alive

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B35C 23 KB
8 KB 164ms
118ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU1FDX19&prvid=2034%2C2033%2C2031%2C2030%2C173%2C251%2C175%2C255%2C233%2C2029%2C178%2C2028%2C3017%2C2027%2C3016%2C236%2C214%2C159%2C237%2C2025%2C117%2C97%2C99%2C55%2C77%2C38%2C3012%2C3010%2C182%2C2040%2C141%2C186%2C222%2C3007%2C201%2C4%2C246%2C2037%2C203%2C126%2C80%2C10000%2C9%2C229%2C108%2C307%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fb1907bb16e87c1b79f3e2b2bfa66c0537b1af5a49b7348e4d2e3489df532139

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=129613
expires: Sun, 13 Feb 2022 06:35:09 GMT
date: Fri, 11 Feb 2022 18:34:56 GMT
content-length: 8236

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 9D1C 23 KB
8 KB 163ms
119ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fb1907bb16e87c1b79f3e2b2bfa66c0537b1af5a49b7348e4d2e3489df532139

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tuko.co.ke/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=129613
expires: Sun, 13 Feb 2022 06:35:09 GMT
date: Fri, 11 Feb 2022 18:34:56 GMT
content-length: 8236

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5E36 70 B
265 B 103ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=YPhZGA7fM&dongle=u6nf
eb2.3lift.com/ Frame 5E36
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=YPhZGA7fM&dongle=u6nf

37 B
155 B

7ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=YPhZGA7fM&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=YPhZGA7fM&dongle=u6nf
date: Fri, 11 Feb 2022 18:34:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5E36 170 B
232 B 57ms
35ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5E36
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MDgwNDgxNzEwMTAzNDk2OTY1NA%3D%3D

170 B
502 B

47ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MDgwNDgxNzEwMTAzNDk2OTY1NA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MDgwNDgxNzEwMTAzNDk2OTY1NA%3D%3D
date: Fri, 11 Feb 2022 18:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 5E36 0
707 B 146ms
109ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3250804817101034969654&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:55 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DFCEAB7E92B54C69855C0B272F5C323B Ref B: FRAEDGE1121 Ref C: 2022-02-11T18:34:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXwlLLO+98CzYH8ycZaw==

GET
H2

200

xuid
eb2.3lift.com/ Frame 5E36
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3250804817101034969654?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.7ywlYJE2oRySj2RHJpOqiEzwLANb3ghzXpSSSTP.g--~A&dongle=0883

37 B
354 B

11ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-.7ywlYJE2oRySj2RHJpOqiEzwLANb3ghzXpSSSTP.g--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 11 Feb 2022 18:34:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-.7ywlYJE2oRySj2RHJpOqiEzwLANb3ghzXpSSSTP.g--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 c.gif
c.bing.com/ Frame 5E36 42 B
592 B 60ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3250804817101034969654&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:55 GMT
etag: "9ea1ae3587d81:0"
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF2FB8FE7A524658BD7700ABF785FE59 Ref B: FRAEDGE1409 Ref C: 2022-02-11T18:34:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 5E36
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3250804817101034969654
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3250804817101034969654&dcc=t

0
0

205ms
100ms

Image
text/html

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3250804817101034969654&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7BC6X8FV2J26HPEJBFMK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3250804817101034969654&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 5E36 43 B
235 B 408ms
112ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=3250804817101034969654&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 5E36
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1B3E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

1069ms
1068ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 76af05ebdc8bfccd91bab4c591aeddb9de5ee5d1080757e9c84d3e24ceed322a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|45|31|13|57|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 11 Feb 2022 18:34:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Content-Length: 1730
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 11 Feb 2022 18:34:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame B66A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

67ms
67ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3f42208d4923fbd1025299836387d24f27fd2b5dc93eaad4e5f2e458779f5b7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|45|241|221|4|188|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 11 Feb 2022 18:34:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Content-Length: 1537
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 11 Feb 2022 18:34:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Connection: keep-alive

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B66A 70 B
264 B 36ms
35ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame B66A 170 B
188 B 48ms
33ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgasUAEBVV.n.JYmJiTz4gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1&google_hm=2

43 B
1019 B

29ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:34:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B66A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB&dcc=t

43 B
645 B

118ms
101ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S0Y8MXBBY6VHT7GB5CE2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V2SRY7XH511SD5E117Q6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUAEBVV-n-JYmJiTz4gAABGUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame B66A
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125?gdpr_consent=&us_privacy=&gdpr=1

49 B
542 B

38ms
38ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.1
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:56 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgasUAEBVV.n.JYmJiTz4gAA%261125?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.28.64
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7814101920575073178

43 B
992 B

26ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7814101920575073178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:34:56 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7814101920575073178
pragma: no-cache
date: Fri, 11 Feb 2022 18:34:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame B66A 0
88 B 405ms
99ms Image
text/plain 52.86.198.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.198.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-198-120.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B66A 43 B
235 B 290ms
109ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame B66A 43 B
425 B 50ms
50ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YgasUAEBVV.n.JYmJiTz4gAA%261125
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:56 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1757
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 19:04:13 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1B3E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB&dcc=t

43 B
645 B

110ms
110ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 07CZR6X80YMDKETAB7HV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TBH6ZWN8B64VC8W0R1HD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1B3E 70 B
264 B 32ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1B3E 170 B
188 B 38ms
38ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgasUExTXl8zPgvIdbIeAgAABF4AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1B3E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgasUExTXl8zPgvIdbIeAgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1

43 B
1000 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:34:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHUP7JRaCViF0YOmTdOOONk&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 1B3E
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6978908971970869620&uid=Q6978908971970869620&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

19ms
19ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1B3E
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
991 B

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:34:57 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Fri, 11 Feb 2022 18:34:57 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1B3E
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519493769503

43 B
992 B

64ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519493769503
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:34:57 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519493769503
Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B3E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647196497

43 B
983 B

50ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647196497
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:34:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:34:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:34:57 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647196497
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1B3E 43 B
425 B 18ms
18ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YgasUExTXl8zPgvIdbIeAgAA%261118
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tuko.co.ke/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:34:57 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1756
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 19:04:13 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 02:59:40	Name: sync Value: CgoIgQIQhrLE0O4vCgoI4gEQhrLE0O4vCgoI5gEQhrLE0O4vCgoIhwIQhrLE0O4vCgkICRCGssTQ7i8KCQg6EIayxNDuLwoJCAsQhrLE0O4vCgoIjAIQhrLE0O4vCgoIngIQhrLE0O4vCgkIXxCGssTQ7i8=
.mrtnsvr.com/sync	1970-01-20 09:37:06	Name: userId Value: YPhZGA7fM
.tuko.co.ke/	1970-01-20 01:33:16	Name: akamai_dsa Value: 365753deacb9c2b373a8d3e090d539ea33805c8ca444f2aece410b7f8b8f66d4a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22akamai_dsa%22%3Bi%3A1%3Bs%3A9%3A%22desktop%7C0%22%3B%7D
www.tuko.co.ke/	1969-12-31 23:59:59	Name: _csrf Value: 1b8b11f234d43586afc69398d7a4dec7d712d35a8e414a2e47a3710fabc51224a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%227znY3BlDevfMOHkAs4pil8nvEzi53Hbj%22%3B%7D
.tuko.co.ke/	1970-01-20 00:50:05	Name: __io_d Value: 1_705468254
www.tuko.co.ke/	1970-01-20 09:35:40	Name: __io_lv Value: 1644604492769
www.tuko.co.ke/	1970-01-20 09:35:40	Name: __io Value: 79b0e2317.6d20228a5_1644604492770
.tuko.co.ke/	1970-01-20 00:50:06	Name: __io_session_id Value: 26d638648.e142c5556_1644604492773
www.tuko.co.ke/	1970-01-20 09:35:40	Name: __io_unique_3883 Value: 11
www.tuko.co.ke/	1970-01-20 00:50:24	Name: __io_uh Value: 1
www.tuko.co.ke/	1970-01-20 00:50:05	Name: __io_visit_3883 Value: 1
.tt.onthe.io/	1970-01-20 00:51:30	Name: io_uide3155c435e925683dd022a3f2070aae6 Value: 11
.tt.onthe.io/	1970-01-20 07:11:40	Name: io_user_hash Value: 79b0e2317.6d20228a5_1644604492770
.tuko.co.ke/	1970-01-20 00:50:06	Name: __asc Value: 21b920a817eea110c4e9a6d59f7
.tuko.co.ke/	1970-01-20 09:37:06	Name: __auc Value: 21b920a817eea110c4e9a6d59f7
.tuko.co.ke/	1970-01-20 00:50:08	Name: AMP_TOKEN Value: %24NOT_FOUND
.tuko.co.ke/	1970-01-20 18:21:16	Name: _ga Value: GA1.3.1373788806.1644604493
.tuko.co.ke/	1970-01-20 00:51:30	Name: _gid Value: GA1.3.1410388598.1644604493
.tuko.co.ke/	1970-01-20 00:50:04	Name: _gat Value: 1
.tuko.co.ke/	1970-01-20 00:50:04	Name: _gat_AllProjects Value: 1
.doubleclick.net/	1970-01-20 10:11:40	Name: IDE Value: AHWqTUkpj6HE9Y9W3wEocZZPGWAJcrk0VBr-PGlT6TMiDXJSco1L59afT4z12pcb7jU
.yandex.ru/	1970-01-20 18:21:16	Name: i Value: XvRbsreL8/U1Pzvb9VoXOxR4dqxg7TN6FOep7RP9eZm8u0rTpwDoLBlXFnKK6EfYZ8nL62coVWbx/eFZDH1+R6T/o0Y=
.doubleclick.net/	1970-01-20 00:50:05	Name: test_cookie Value: CheckForPermission
.tuko.co.ke/	1970-01-20 10:11:40	Name: __gads Value: ID=b2cb4487141aeea3-225356283ecd0048:T=1644604493:S=ALNI_MZPKLuYON7gJrRbVilSYwTTZbxGFQ
m.exactag.com/	1970-01-20 02:59:40	Name: exactag_new_gk Value: eadba7fedac240f493d7c7d0c4dd640d%7c12.04.2022+18%3a34%3a53
m.exactag.com/	1970-01-20 05:09:16	Name: exactag_new_uk Value: dd391ee7b3c040a8ac45e0903c902f42%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: a3e1db01dbb54360a58c000b
.criteo.com/	1970-01-20 10:11:40	Name: uid Value: 86ab53e0-7b3d-4e5f-b81d-c032e6752c80
.tuko.co.ke/	1970-01-20 10:11:40	Name: cto_bundle Value: xSqy7182N2dTWlBvOHZEJTJGeXFDdGhLdEtyU2t0SjBkc1Q2bzl2YnclMkZLdXc2ZU5sSG5WQlRsTExabWZJQ1poNFgyVmxCZ1YlMkZDJTJGcFNFRm1XbTdicHJPOHdxWTFxUG5DS1RhNzU2TDdyJTJGUUslMkIlMkYlMkZ1VzhWMDl2aGJyRlJFY2s4cDBLSkxpTSUyRmYlMkJBQm5jWVUyaXdoVyUyRkw2N2h1YUx3JTNEJTNE
.3lift.com/	1970-01-20 02:59:40	Name: tluid Value: 3250804817101034969654
.bing.com/	1970-01-20 10:11:40	Name: MUID Value: 1BC3B1EA7A246C922A3AA0A27B4F6D97
.yahoo.com/	1970-01-20 09:36:02	Name: A3 Value: d=AQABBFCsBmICEKwxy6MgusdhT3s1ZBlcTmcFEgEBAQH9B2IQYgAAAAAA_eMAAA&S=AQAAAmhXGkZAd7Uej3Hkw7bYx5k
.casalemedia.com/	1970-01-20 02:59:40	Name: CMPS Value: 5202
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:21:58	Name: bcookie Value: "v=2&adfc2861-d1e8-40f2-85bf-64b066ef5b3e"
.linkedin.com/	1970-01-20 18:08:28	Name: li_gc Value: MTswOzE2NDQ2MDQ0OTY7MjswMjFdtNV8V0FMj+OsuIw6e4UGT4+kxjRhYLkDtn14TR/44w==
.linkedin.com/	1970-01-20 00:51:30	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2543:u=1:x=1:i=1644604496:t=1644690896:v=2:sig=AQE6XIsipL8aDawKeRdZiB0BefTBkKse"
.turn.com/	1970-01-20 05:09:16	Name: uid Value: 7814101920575073178
.crwdcntrl.net/	1970-01-20 07:18:51	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:18:51	Name: _cc_id Value: 4b9dacef748389aeee212ae71fa663d6
.casalemedia.com/	1970-01-20 09:35:40	Name: CMID Value: YgasUExTXl8zPgvIdbIeAgAA
.casalemedia.com/	1970-01-20 02:59:40	Name: CMPRO Value: 1118
.casalemedia.com/	1970-01-20 00:51:30	Name: CMST Value: YgasUWIGrFEA
.rfihub.com/	1970-01-20 10:11:40	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDSxNDY3szQ1MBbiM9T1cQtzDwwryfM388yR4jU0MzExMzAxsTQ3MTYBAEFaD5U0AAAA
.rfihub.com/	1970-01-20 10:11:40	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmJiZmBiYmluYmwCAExRk2EQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDSxNDY3szQ1MBbiM9T1cQtzDwwryfM388wBAD0SDpQlAAAA
.owneriq.net/	1970-01-20 18:21:16	Name: si Value: Q6978908971970869620
.owneriq.net/	1970-01-20 01:04:28	Name: p2 Value: cc
.casalemedia.com/	1970-01-20 09:35:40	Name: CMRUM3 Value: 2d6206ac5105a0&396206ac5127605144588519493769503&e66206ac512760&1f6206ac5105a00&276206ac510b40&f16206ac5105a0&406206ac5105a0&0d6206ac5105a0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/022201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=YPhZGA7fM&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mrtnsvr.com
ad.turn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c07a1b8d9246a0421d09a6cbe16648e9.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.onesignal.com
cdn.onthe.io
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
contextual.media.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
m.exactag.com
match.adsrvr.org
media-tuko.s3.eu-central-1.amazonaws.com
mug.criteo.com
n.mail-tuko.co.ke
netstorage-tuko.akamaized.net
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prebid.media.net
px.ads.linkedin.com
px.owneriq.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.adentifi.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-tuko.akamaized.net
static.criteo.net
stats.g.doubleclick.net
sync.adotmob.com
tlx.3lift.com
tpc.googlesyndication.com
track.adform.net
tt.onthe.io
tuko.co.ke
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tuko.co.ke
x.bidswitch.net
yandex.ru
yastatic.net
104.111.242.53
116.202.11.241
13.248.245.213
142.250.184.226
142.250.185.194
178.250.0.157
178.250.0.160
178.250.0.165
178.250.2.150
18.185.181.98
18.66.248.34
184.31.84.150
185.183.112.148
185.33.220.145
188.40.118.169
193.0.160.129
2.16.107.74
2.16.107.91
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
209.54.180.3
213.202.235.9
23.55.161.208
2600:1f13:57e:7b01:8aeb:562e:2487:980f
2606:4700:3035::ac43:d121
2606:4700::6812:e134
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:6b8:20::215
2a02:6b8:a::a
2a05:d018:d29:3601:3bb1:ba5c:766d:e813
34.102.163.6
34.107.148.139
35.211.178.172
35.71.131.137
37.157.6.246
52.219.169.38
52.30.14.23
52.86.198.120
64.202.112.127
66.155.71.25
92.123.225.50
99.84.85.10
99.84.88.25
01581276e7cb46d56401176f2e005e4a36033a668fc953382fd91456377136b3
02bf65d2e748bef5b97bb63d4c5a1ed92d00677f45e3543741538ad96d1d7a03
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0a1c83c5e669e3486e86fcc5db9fb1cd93d6c141aa4411a8b289e36c7dd38113
0aa41e61b0e41ce70f2a6c9a79ae9e87602b06f1a2f521524488d88f9af42288
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d4cc9d7d1e61b3fd9460ba78b0307f182ee3ee4825a38de5a329fbebd139604
0e915fb00cca9176d6e368265b6bc139aaf5b0080f9c407f974daba6c3bdfbb3
1356a85ba087399c06c0e8b38e79360e5fa6f4f3b00ac81cb76525704fb031f8
136898fd12e441f6eb90f6bfe7a8aafbc98cc4cabef7d8fa937263bfdf7b8da3
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
18832be36bd90eb84d6120a0c192f3d734af4eb7795206ec1c33d03599c5274b
21fe13207060c53a28649a537fcb7e735a5ae3ebd0aa2299ddc64d935471e603
22bd9ac72a08b8d4b717ab01eb9baebb79f133863e7e8a89eb4c14e7ce47b1b6
290567fd4ffe773aa941139a3d3c5d2167425785efe847fd92863c03b7af9abc
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2e8806a452a634f5976951071173fc05cb993b93a3f518d71802414000903759
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32e2e5bdbec61650fbada4bc67cde4b3a31db87980831fe8dc2b2b1d39aee069
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3534ee363d19e98f95a06ec25c9cab6d741a3e34558f192d20725b482bc42a6f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3899bbb7a41b6adf047339ac74d4cab3f9dccf3fb31d7bcb0a7307434c786ff0
3a146355cec104c33f0b243c3d5d85260320aa0555e4a94b57d9c9f1c6d7ce71
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3d5b526065ffe8b78c319b053b8e0139f19fc6994d68eccf6706b33fb074e17e
3f42208d4923fbd1025299836387d24f27fd2b5dc93eaad4e5f2e458779f5b7d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
464ea5286c0d4ea5777546b65e81aded1f74e48109dfdf95bc02f50bfe056ddf
46a8f8f5d91cd8e83d9fcc7335cb1e4742d7e77a65cbf267de35b935a340ae3d
4737bdcd8bfdb5e74d6cf7e0131e29b4b683381b3e38fa44522e0c5d272f3bbe
4c025d77b7cb11a9215c1aa24e804db0ad8ad847483df216d3a27d9a71a93018
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e5619f35e8752aef5c8633fe76233670dffc63476606dad983ee4210a93114
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bf4e5cf075dd90aca5f9440332009d9a68463da586098ca4609e4bb41b6fc54
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
603c091bcde0b9a0e856fed69769b6941d1f19e19c38c99b53ed3c6fc22a220d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6306a712e2a06714c3f12ea0c79eecc18ade46b34823ae7afb6a348fbf590bf9
6585ad79553feebae65872466c71015c90f93d523c48a4cf620c73548c65d8c8
66f4280d902136ce168d93fb3c1ff83f7045b65fe7a4440ac33009543bfb7dd0
6bcd9d48b32fc5b113d6d0937ff778cd0452df8ee7066caedb3096ef6c3c7fce
6f799ead86d469a5110b8fd9063eb44c71b226fa28a8165686e41a273ceba111
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
76af05ebdc8bfccd91bab4c591aeddb9de5ee5d1080757e9c84d3e24ceed322a
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
7dd78a1a810bebba90b60a97fabed5dbfc6a497117ad6c346be1b98621cf1082
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f1ec19d4a0d2ea57b6ff3e43796bcba04f060a79005b69db314fc99a28a10c1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8048f97d109f70c7e7c8ad6dbfecf6e5b0928c4dcf66fd202e5bf5c755f90238
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857663ab9e81ddc4dd10b6ad25f3baa25a5aadf75c8c08a83838322e80071595
86c3f546f842c81d32f7a47277ca63cfa4cb9873597c34d3196ce1b4f2a35f9c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
913038faf12b4c5bd581ff1bf0fb206084201012e2dfa9de4acdc0df58d33a2e
9855c97b168ca12c4b926150edbf3665456d8fd130c8630acb982abda9c5d19c
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ca0a5b3e3680d44390a818f5238b3c30c282108dc08df67b0a281c2fec3c886
9eb23196fa2b7e64438aaefce86696c41bf7cf3d562ce497fd477c8122a5b807
9f9bc2ec405123b1f0e2bdd0b829828acdf854f97b1b905ced62ab1ee1ec2f38
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a8aa8c9c731fc7c2a9624e6759820f62f5224b3a428f6b73ef8950409598e646
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7fe51ae7bc9ac3de3c82dc746b55c8f4e28998084e482cd85b943ed013a90fc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7e7e8b3956c97d3df70e25cee2281c949014b84830ba47fde1e6d97a46a3b6
bc4d68d66a99e791a736a27294f2953f5f628a1d65e867d03b1a52c13b078e58
bcff8185acb06b9c0dfcb870b8563bf8b44143e88c95b27427fa68a82b8479ea
bd23cdbbbcaf7c2a8603d3c012c4c31d82a865021482c0e1c506bcd0cfa9b0f6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c620355529ba0f43b89ffea738dfd9b0eb353efdb2d8bf5a013a893193041130
c97bb3ca107ce9dff21b27d98703b6b7e6cd813d252ce8b1afb1bca174ce49fb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cd2ccfb9b183d5537c0b222f02635b344fdb3c085f30c9374c5536565f21f35e
cd475b2ffcb5632f78add9ac28ee3175070075999e1b6fec8fe63e561594cc30
cdf3e73853a87d7bb031f8b9786756221e21912aca38d6656c17d416a5658835
cf50a2bb0cee5f99429181abfa4a0eba4c262e710dd4d678de1e94223063b4eb
d55ea24ba2f38d57d48d85a86e090fe32b0586e800aae6c9b59b51fbd05d176b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8969e4133721a22bb97093ac56c85257c5f89d8ea231c3926d18b9abb7f4c2b
d99665ecc1c7815d7e8721bdc75cac4179ba150214d6c4920c11c137f39139d9
d9d1fe771c5be455b790000e9f089e0e6c78f35f68c48435532df4b55aadc9b3
da61bd3cd1757e0df746f12ced87a06eccea074e6485a6ffc477e2fd7508c327
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c8971d7774f9dec7bbc32a71f259f1ef11fb8e2bfc15af675be9a42bea1c5
e5a1aa9b2d011d99e54b76f87c7b0632d67299a9a9cc6960c86f5ffd966afe5b
e95d0a2393cb14e8694c574ae3c80e50ba2a377a376bfda28e52ff87d1aedb21
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd7d6f87d761a15deb0c4128b69647eecb8fdefae85396a4fd249f8fdd94338
f175f0ccb96cdd20a1c2a0279d2178d8a08f6706b95d87a41f5fde48e66b5f53
f3b66c082c5feff0b692ea5d45756073d6d57a5904329e8ad226632fc5d781d6
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f445d863495addeabae2a9abbbe80a7cbad17d512a61c92c57f3348079b2591b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fb1907bb16e87c1b79f3e2b2bfa66c0537b1af5a49b7348e4d2e3489df532139
fe6af7bdd59609675b0a366bff661fc68ac73d285ca7c9c1899bcfb0d0936693

www.tuko.co.ke Open in urlscan Pro 23.55.161.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

90 %HTTPS

44 %IPv6

44 Domains

68 Subdomains

57 IPs

9 Countries

2285 kBTransfer

5486 kBSize

49 Cookies

24 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tuko.co.ke Open in urlscan Pro
23.55.161.208 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

90 %
HTTPS

44 %
IPv6

44
Domains

68
Subdomains

57
IPs

9
Countries

2285 kB
Transfer

5486 kB
Size

49
Cookies

179 HTTP transactions
15 data transactions