ngoma.co.ke Open in urlscan Pro
46.105.33.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngoma.co.ke/
Effective URL:
https://ngoma.co.ke/
Submission: On April 28 via api (April 28th 2023, 4:22:26 am UTC) from US — Scanned from FR

Summary HTTP 227 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 31 domains to perform 227 HTTP transactions. The main IP is 46.105.33.210, located in France and belongs to OVH, FR. The main domain is ngoma.co.ke.
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.

This is the only time ngoma.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	46.105.33.210 46.105.33.210	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
32	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 15	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 4	35.158.72.189 35.158.72.189	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:5c69:ba98:7fb3:79a9	16509 (AMAZON-02) (AMAZON-02)
2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.122.221.15 3.122.221.15	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.59.9.55 52.59.9.55	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
3	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
227	29

46 46.105.33.210 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip210.ip-46-105-33.eu

ngoma.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.72.189 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-72-189.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:5c69:ba98:7fb3:79a9 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.221.15 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-221-15.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.9.55 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-9-55.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	511 KB
46	ngoma.co.ke 1 redirects ngoma.co.ke	690 KB
38	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	474 KB
30	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	187 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	115 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	388 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	12 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 908	3 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	2 KB
3	metaffiliation.com action.metaffiliation.com — Cisco Umbrella Rank: 129967	7 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1248 s.tribalfusion.com — Cisco Umbrella Rank: 2774	2 KB
3	google.fr adservice.google.fr — Cisco Umbrella Rank: 29671	818 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	201 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	2 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	486 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 5985	1 KB
2	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 6958	250 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7904	902 B
1	aircaraibes.com jpp.aircaraibes.com	2 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062	588 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50702	613 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2823	174 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	713 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	600 B
227	31

	Domain	Requested by
46	ngoma.co.ke	1 redirects ngoma.co.ke
34	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	ngoma.co.ke pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net ngoma.co.ke
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ngoma.co.ke
14	assets.ad4m.at	as.ad4m.at
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	www.googletagservices.com	googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	x.bidswitch.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.awin1.com	as.ad4m.at
3	action.metaffiliation.com	as.ad4m.at
3	static-de.ad4mat.net	as.ad4m.at
3	prod-rtb.ad4mat.net	ngoma.co.ke
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.fr	pagead2.googlesyndication.com
3	www.googletagmanager.com	ngoma.co.ke www.googletagmanager.com
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	ads.creative-serving.com	2 redirects
2	d5p.de17a.com	googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	jpp.aircaraibes.com	as.ad4m.at
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
227	41

This site contains links to these domains. Also see Links.

Domain
themegrill.com
wordpress.org

Subject Issuer	Validity	Valid
ngoma.co.ke R3	`2023-04-21` - `2023-07-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.metaffiliation.com Gandi Standard SSL CA 2	`2023-03-06` - `2024-03-20`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2022-08-18` - `2023-09-02`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://ngoma.co.ke/
Frame ID: E2F18406652EF7A0A5CC01A53539CF5D
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html
Frame ID: 57698C1A1DF3FB415013AD4F0A49EF9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&adk=1812271804&adf=3025194257&lmt=1682655740&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fngoma.co.ke%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655740392&bpp=12&bdt=277&idt=216&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5450774221228&frm=20&pv=2&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: 17786733911B87133F29AE102D5E1998
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1682655740&rafmt=1&to=qs&pwprc=7289758778&format=1200x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655740404&bpp=2&bdt=289&idt=252&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Imr1cxUVr&p=https%3A//ngoma.co.ke&dtd=258
Frame ID: 1C0705E3135B18A93D72F421E3C63480
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
Frame ID: C6062672EF34DE528155DB981467AA11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47
Frame ID: E4CC8B1871B6E2D6E705A7C36B085E7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
Frame ID: 3DEDF3C7C305B73B2528D1A00EA8999A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: 46639D0A08170ECD27DCB89088B2466D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0A42AAFE364BC7DB10DC25E2644B5C27
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: CD311B0D0ADE127B2C483EDE7AAF3711
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: 92E29E8EF73115C117D67E32CBB4C310
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CF1784C33EF84A906E373AE867C4BD0D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9LiY_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgSxAU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6xoZ2xcLe9eaqyUo9trzxb6ZxkYfUJllCseaeWLKZtUSacX1UoX94AGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcxMjk2ODIyNTkyNjMxORgA&sigh=InpU7kKHfvw&uach_m=[UACH]&cid=CAQSPABygQiDnlzf8sZNxNepuKrtYR_HvTIslRdcK_rCaQN139j8Y1e0BLHYWGJRrsN1NFypOKa9vLbvcVb3hBgB
Frame ID: 2D310B404BFFC3FBA0E8BBE027F33901
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Frame ID: 0C74DD53975BA75ABFF38FE9B586A95B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FBFEB6AA3D89F96C548010AEE526E8B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CTzID_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS6AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-iw6db3RMamZQ-CuZfykyeMhh0nTAKNsSUnu3OssE0utnMnuu9ncDYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcxMjk2ODIyNTkyNjMxORgA&sigh=fz6ib_rOmjg&uach_m=[UACH]&cid=CAQSPABygQiDo964Sdkj7rnbrswj9bHzFrxGMdKkpK38LPnoBxiRMTDi07G6i_pYiNa2XBzViuln9vhEHQtcZhgB
Frame ID: 47F057C896FBD125A2D2333402FAF8DF
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Frame ID: 6CAE754AE41FF3DB95B3F03EB9F39E9A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B02F98DAA270BE12BFA8343CCD2DE16E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Frame ID: 95E289F5936F10B7BCA44E88F2FB8DDB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Frame ID: AF10C09681B2D88AE393484975A33AEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Frame ID: 3E272C732D2234863BA3422F5108398E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Frame ID: 78183E92E6F2869F0E2176452F6565DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Frame ID: ED0D581A8C9F40B6D2ACB537F911A8E7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 66BBC1CA26D000DBB3AAD95136CCD692
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9QcW_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS6AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gahHNM0U2f6hjkOkKmPSE9feWEfbMpGfsM4Ke6pltaPPOlLAJzH_oYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcxMjk2ODIyNTkyNjMxORgA&sigh=ALewc4Q1HjA&uach_m=[UACH]&cid=CAQSPABygQiDsKbIpuhUCukd23S4MvN4_LrUQV1WoVO3NWjltz8yU_I-w6Iupnmq9u59H7LUm6Uah7EQfyPRRxgB
Frame ID: 5EFE23C14A5F1F00714F2EBDA606E04F
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Frame ID: 9026C70E07196C475DB31570B865448D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE272025F0A69978B747D80AB452FCEE
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E2E55A3BDAC657171EF81B03E98639F1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 57CA6521754ACC8BCB355109CA8CD82B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Frame ID: 4D69AD44AC9618F4A396C7C56FF9D5E8
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Frame ID: 48B65186B6AD65A2C923A2C6107494D4
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Frame ID: 3EFC3344F6558192EC9DDD8A66717539
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CA162ECFE8FD972E7116E47B0B3A257
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 090D8EA8C3635937EC4727C279530A0B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home : Ngoma

Page URL History Show full URLs

http://ngoma.co.ke/ HTTP 301
https://ngoma.co.ke/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

227
Requests

94 %
HTTPS

56 %
IPv6

31
Domains

41
Subdomains

29
IPs

7
Countries

2620 kB
Transfer

6250 kB
Size

40
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://themegrill.com/themes/colormag
Title: ColorMag

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngoma.co.ke/ HTTP 301
https://ngoma.co.ke/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 145

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENHbtrsYo7HDVDsMbM3-btc&google_cver=1&google_push=ATf1kGNhSU5VRptwBpOijQjeYtG8HktV7jVr6joRU5l3Mlf-BWvfyiWAKCM-T4DHLR8fIYqsh21Dxb3mArhxGNEXUkdZcQdXGWNSDw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYyMzUyOTA3NTU1NjM3NTc4MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1

Request Chain 146

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ5t8GeWxUQFkwShmQ6cuEY&google_cver=1&google_push=ATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ5t8GeWxUQFkwShmQ6cuEY&google_cver=1&google_push=ATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 147

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHPhy-K7IH5yiXKBuS5Jzzw&google_cver=1&google_push=ATf1kGNKf9Pqyk0k0vdHzj4Fdxt1vvnFOfDh8S2_3qOEga8lavzzwrYz44fJrtHLlsjyTH7JWMEa-T3v1eEGSUwNRbDEd1rbIR3OZqY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jlXGQLoFSJKj9LGOKnE3EQ2&google_push=ATf1kGNKf9Pqyk0k0vdHzj4Fdxt1vvnFOfDh8S2_3qOEga8lavzzwrYz44fJrtHLlsjyTH7JWMEa-T3v1eEGSUwNRbDEd1rbIR3OZqY

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAxA7PlDPyM1zNN-mvIrOKs&google_cver=1&google_push=ATf1kGNb_ehrz-1-ZzoilemIwFPpzxM5IfAE4XeT2H3Pcp2QfhZYBbzA_CnNpWqjvemFw7p8vgf5y53yt7RSPR1cx8rQ0-vfhcfzSxk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNb_ehrz-1-ZzoilemIwFPpzxM5IfAE4XeT2H3Pcp2QfhZYBbzA_CnNpWqjvemFw7p8vgf5y53yt7RSPR1cx8rQ0-vfhcfzSxk&google_hm=eS1lUkRfQkxaRTJwR3dCdUE5clBUb3BIOFhmRmtPbHZ0cn5B

Request Chain 151

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAvnqBeQGs5_4WcAbnXfJ-I&google_cver=1&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2DEbVpRiNa5qoJe6dhJo_1ZZ9w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAvnqBeQGs5_4WcAbnXfJ-I&google_cver=1&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2DEbVpRiNa5qoJe6dhJo_1ZZ9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwOTI3MDc3OTE5NTcwNzc5Nw&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2DEbVpRiNa5qoJe6dhJo_1ZZ9w

Request Chain 156

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL_ItXlL7izFwQTEzIFkTgs&google_cver=1&google_push=ATf1kGMJ74_lUwAcM7wp_M_dUmzcJCsF7RLt5VXgMmjubnUQfZk9gYRD8VHBekh3K5eqtwMNgqAz5-1zfnlthZFsV6SYTYIKpAm3B7cY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f9pjj_1HQuedLfgSv7fmpg2&google_push=ATf1kGMJ74_lUwAcM7wp_M_dUmzcJCsF7RLt5VXgMmjubnUQfZk9gYRD8VHBekh3K5eqtwMNgqAz5-1zfnlthZFsV6SYTYIKpAm3B7cY

Request Chain 157

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPnQjgEIQzRygrr-B7w1hkU&google_cver=1&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4I6egayNAfke3 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPnQjgEIQzRygrr-B7w1hkU&google_cver=1&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4I6egayNAfke3 HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ea30b1b1-1368-4d5f-a8cd-b726cbc4604f&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ea30b1b1-1368-4d5f-a8cd-b726cbc4604f&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=912eea59-32a2-4742-a668-259ffbe0ae5b&ssp=google&expires=30&user_group=5&bsw_param=ea30b1b1-1368-4d5f-a8cd-b726cbc4604f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4I6egayNAfke3&google_hm=6jCxsRNoTV-ozbcmy8RgTw==

Request Chain 159

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMVrKIC-Q79yRbf9ToM7uJo&google_cver=1&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRdmJs5Oo_QN_RRmkJAd4CCNgzNo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMVrKIC-Q79yRbf9ToM7uJo&google_cver=1&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRdmJs5Oo_QN_RRmkJAd4CCNgzNo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNjc2NTU3NzMyNDg0NTYxNg&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRdmJs5Oo_QN_RRmkJAd4CCNgzNo

Request Chain 180

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1&google_push=ATf1kGO_VISXeWRr5xX9tFX7mbd5TfRr2zV_YMRvA7NxmwXtN44GX9dCRvkJhTd8yTPC_4wM1f8Vhvm_uosMH2fHRSrbJa3H4-wO_ssL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYyMzUyOTA3NTU1NjM3NTc4MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1

Request Chain 181

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cver=1&google_push=ATf1kGNk5gUU2Yy1_AU5QHj4kfhEip4vAaKTgHmUGky4KzRcmePHNywfmNBp9_ucvV1cYcCLUu_pmsV05tqK7w_EwIcZ41EJBVfZgAMr HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cver=1&google_push=ATf1kGNk5gUU2Yy1_AU5QHj4kfhEip4vAaKTgHmUGky4KzRcmePHNywfmNBp9_ucvV1cYcCLUu_pmsV05tqK7w_EwIcZ41EJBVfZgAMr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QUoyUlc4SE8xUFNmQ0w1&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cver=1&google_push=ATf1kGNk5gUU2Yy1_AU5QHj4kfhEip4vAaKTgHmUGky4KzRcmePHNywfmNBp9_ucvV1cYcCLUu_pmsV05tqK7w_EwIcZ41EJBVfZgAMr

Request Chain 183

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED0A6mlHxSkC6prEybvK7IM&google_cver=1&google_push=ATf1kGMLrAt8fyID8hSrr6bgxCSAXMQGCF0xTNxoqeSo1TUWXUtRTxan8WxVaSxZpNfMOVdzAEOqn4aTZ3nxBVxf_lWlOSqLCqk-Er-D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMLrAt8fyID8hSrr6bgxCSAXMQGCF0xTNxoqeSo1TUWXUtRTxan8WxVaSxZpNfMOVdzAEOqn4aTZ3nxBVxf_lWlOSqLCqk-Er-D&google_hm=6GBCVt4JTVS3A54okbaJ62o

Request Chain 184

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELg30ets68KTcIRUcEjbR7U&google_cver=1&google_push=ATf1kGMmoce8Cj33e-XnRr6gLgVOaBtqZP1BVsdslPyvYKW4gwWt63yQGvp9ZHTo3KN4R5oV1XWW9BTMwcdMOhxbEdCZ3pEN0zqE3ILm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjk1MTM4NjYxMjEwMzMwOQ%3D%3D&google_push=ATf1kGMmoce8Cj33e-XnRr6gLgVOaBtqZP1BVsdslPyvYKW4gwWt63yQGvp9ZHTo3KN4R5oV1XWW9BTMwcdMOhxbEdCZ3pEN0zqE3ILm

Request Chain 186

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMpTRg5qmNzG_l9qj9DKAeI&google_cver=1&google_push=ATf1kGMrfjI4LmFqUitTH7BHF9FVccIJfneAIWQlqDze4BbxzkoWOzzeP6xCrRhqUZw7VeGB1ffUQ1GGiyf4UMXIkyRKxfRWIemi63G5 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMpTRg5qmNzG_l9qj9DKAeI&google_cver=1&google_push=ATf1kGMrfjI4LmFqUitTH7BHF9FVccIJfneAIWQlqDze4BbxzkoWOzzeP6xCrRhqUZw7VeGB1ffUQ1GGiyf4UMXIkyRKxfRWIemi63G5&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n3FFdAoiSvu3JUFVqrt3Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMrfjI4LmFqUitTH7BHF9FVccIJfneAIWQlqDze4BbxzkoWOzzeP6xCrRhqUZw7VeGB1ffUQ1GGiyf4UMXIkyRKxfRWIemi63G5

227 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ngoma.co.ke/
Redirect Chain

http://ngoma.co.ke/
https://ngoma.co.ke/

88 KB
13 KB

340ms
309ms

Document
text/html

46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 115a1528a5457078a1aa205b30c12ea2872c6efd70ae9dd02716b957593e8a17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 04:22:20 GMT
link: <https://ngoma.co.ke/wp-json/>; rel="https://api.w.org/" <https://ngoma.co.ke/wp-json/wp/v2/pages/295>; rel="alternate"; type="application/json" <https://ngoma.co.ke/>; rel=shortlink
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Fri, 28 Apr 2023 04:22:19 GMT
location: https://ngoma.co.ke/

GET
H2 200 style.min.css
ngoma.co.ke/wp-includes/css/dist/block-library/ 95 KB
12 KB 16ms
15ms Stylesheet
text/css 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:29:01 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11775
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 classic-themes.min.css
ngoma.co.ke/wp-includes/css/ 291 B
271 B 14ms
14ms Stylesheet
text/css 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:29:01 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 164
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 wp-emoji-release.min.js Show response
ngoma.co.ke/wp-includes/js/ 18 KB
5 KB 15ms
15ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:29:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 styles.css
ngoma.co.ke/wp-content/plugins/contact-form-7/includes/css/ 3 KB
933 B 15ms
14ms Stylesheet
text/css 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 18:28:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 878
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 style.css
ngoma.co.ke/wp-content/themes/colormag/ 102 KB
16 KB 15ms
14ms Stylesheet
text/css 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/style.css?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15992
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 font-awesome.min.css
ngoma.co.ke/wp-content/themes/colormag/fontawesome/css/ 30 KB
7 KB 29ms
28ms Stylesheet
text/css 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6662
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 jquery.min.js Show response
ngoma.co.ke/wp-includes/js/jquery/ 88 KB
30 KB 16ms
15ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:29:03 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30376
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
ngoma.co.ke/wp-includes/js/jquery/ 13 KB
5 KB 24ms
23ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:29:03 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4603
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 101ms
42ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-251680385-1

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8a8c224869fa7beda4bcc56e399d60c3b5832b184cab65fc1f223e6d0c7ca15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62276
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 04:22:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 105ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9712968225926319

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6892f6c01bea8e4ab7654ef01c395cad28cb3dd9cc705caceaa15a9461ba67ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Origin: https://ngoma.co.ke
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47402
x-xss-protection: 0
server: cafe
etag: 16725389218567881145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:20 GMT

GET
H2 200 index.js Show response
ngoma.co.ke/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 14ms
14ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 18:28:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2894
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 index.js Show response
ngoma.co.ke/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 16ms
15ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 18:28:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3918
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 jquery.bxslider.min.js Show response
ngoma.co.ke/wp-content/themes/colormag/js/ 23 KB
6 KB 18ms
17ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5908
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 navigation.min.js Show response
ngoma.co.ke/wp-content/themes/colormag/js/ 2 KB
569 B 17ms
16ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 537
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 jquery.fitvids.min.js Show response
ngoma.co.ke/wp-content/themes/colormag/js/fitvids/ 2 KB
667 B 19ms
18ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 635
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 skip-link-focus-fix.min.js Show response
ngoma.co.ke/wp-content/themes/colormag/js/ 325 B
202 B 18ms
18ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 171
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 colormag-custom.min.js Show response
ngoma.co.ke/wp-content/themes/colormag/js/ 3 KB
1 KB 19ms
19ms Script
application/javascript 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1018
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 OpenSans-VariableFont.woff
ngoma.co.ke/wp-content/themes/colormag/assets/fonts/ 78 KB
78 KB 15ms
14ms Font
font/woff 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c

Request headers

Referer: https://ngoma.co.ke/wp-content/themes/colormag/style.css?ver=2.1.8
Origin: https://ngoma.co.ke
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: font/woff
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
accept-ranges: bytes
content-length: 80196
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 fontawesome-webfont.woff2
ngoma.co.ke/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
75 KB 29ms
28ms Font
font/woff2 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngoma.co.ke/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Origin: https://ngoma.co.ke
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: font/woff2
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
accept-ranges: bytes
content-length: 77160
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 OpenSans-SemiBold.woff
ngoma.co.ke/wp-content/themes/colormag/assets/fonts/ 78 KB
78 KB 16ms
16ms Font
font/woff 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ngoma.co.ke/wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b

Request headers

Referer: https://ngoma.co.ke/wp-content/themes/colormag/style.css?ver=2.1.8
Origin: https://ngoma.co.ke
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: font/woff
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Wed, 11 Jan 2023 14:32:43 GMT
accept-ranges: bytes
content-length: 80184
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Mc-Fullstop-Reggae-Mix.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 38 KB
38 KB 20ms
15ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Mc-Fullstop-Reggae-Mix.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: d11884f5dca9c8f6f5056dad9f6d6584ca65569be1296c96b698c78291f21442

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 09:26:26 GMT
accept-ranges: bytes
content-length: 39243
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Kenyan-Throwback-Old-School-800x445.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 64 KB
64 KB 34ms
28ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Kenyan-Throwback-Old-School-800x445.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: c95e55f0766c356809f03ca906db019b1606dc37e750cf0018eebc00d807a1bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 16:01:22 GMT
accept-ranges: bytes
content-length: 65677
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Bongo-Video-Mix-2023-Jay-Melody-800x445.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 45 KB
45 KB 21ms
15ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Bongo-Video-Mix-2023-Jay-Melody-800x445.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 92b69f5f41a7e3ae8b991be8080b52f05504a9151ad20fad4b8b2ee111fe7d56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 15:34:37 GMT
accept-ranges: bytes
content-length: 46350
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Dj-Lyta-Yatapita-Bongo-Mix-800x445.jpg
ngoma.co.ke/wp-content/uploads/2023/02/ 35 KB
35 KB 22ms
16ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/02/Dj-Lyta-Yatapita-Bongo-Mix-800x445.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 503458613463f4fbc61dacb08e693173096e8a5d9c57954a497a7218e8d631f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 04 Feb 2023 14:54:05 GMT
accept-ranges: bytes
content-length: 36007
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Roma-Ft-Abiud-Nipeni-Maua-Yangu-392x272.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 14 KB
14 KB 35ms
30ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Roma-Ft-Abiud-Nipeni-Maua-Yangu-392x272.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 2292438f64c3764333d7658651a9c9b61ad76a46cd53b21cbe868c2e757dc4b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 16:18:57 GMT
accept-ranges: bytes
content-length: 14018
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Kirikou-Akili-Ntivyakunze-392x272.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 21 KB
21 KB 22ms
17ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Kirikou-Akili-Ntivyakunze-392x272.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 318d67c3bfc2387f50aa4f39136ade5181fe678fefb4a57217880fc6682571d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 16:09:16 GMT
accept-ranges: bytes
content-length: 21480
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Mejja-Punguza-Ego-392x272.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 16 KB
16 KB 22ms
17ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Mejja-Punguza-Ego-392x272.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 52020220e5df1dafe49faafcc030b85af20b98d99d4e2fb41ab5ea3f8f02fa8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 12:08:12 GMT
accept-ranges: bytes
content-length: 15889
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Stephen-Kasolo-Njooni-Muone-392x272.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 13 KB
13 KB 23ms
18ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Stephen-Kasolo-Njooni-Muone-392x272.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 1fea08fd1c966b464cc510c0740a4f807a24714f3852496af66393edb8adc340

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 06:50:26 GMT
accept-ranges: bytes
content-length: 13371
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Mejja-Punguza-Ego-390x205.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 12 KB
12 KB 33ms
28ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Mejja-Punguza-Ego-390x205.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 8377dd6ba2fb62a9b9032b9cb56952afa5aad3b2c62c26f86ec8db00c2357219

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 12:08:12 GMT
accept-ranges: bytes
content-length: 12557
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Ndovu-Kuu-Pigwa-Tetanus-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 3 KB
3 KB 23ms
18ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Ndovu-Kuu-Pigwa-Tetanus-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 85c620426916fb8a3ca285a0d1e8aaaaf09f9ea3a9edc0f838e2778d622cf226

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Fri, 14 Apr 2023 09:46:33 GMT
accept-ranges: bytes
content-length: 3401
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Savara-Reggae-Ya-Kinyozi-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 4 KB
4 KB 24ms
19ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Savara-Reggae-Ya-Kinyozi-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 2b969d2aece9ae2797a135b9f6f61f18704bfb14885ded3f35dbcd4cdd2fbafc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 15:19:36 GMT
accept-ranges: bytes
content-length: 4502
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Kushman-Maandamano-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 3 KB
3 KB 23ms
19ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Kushman-Maandamano-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 62c1612476b840606292b01aee0e2d5948558a6f98260d3baa3adcd1b65ebc0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Wed, 12 Apr 2023 09:51:42 GMT
accept-ranges: bytes
content-length: 3342
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Kirikou-Akili-Ntivyakunze-390x205.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 17 KB
17 KB 24ms
20ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Kirikou-Akili-Ntivyakunze-390x205.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 56a2873ea568a6f1a0e47536317f645002a9a78464b3445b26e2bb37c77b59f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 16:09:16 GMT
accept-ranges: bytes
content-length: 17860
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Namadingo-Kwenekuno-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 2 KB
2 KB 25ms
21ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Namadingo-Kwenekuno-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: e4fd8a314c1985530f18db83d1bae47fbe8b3c25a77553bcc07980443e879476

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Tue, 18 Apr 2023 07:07:40 GMT
accept-ranges: bytes
content-length: 2289
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Umutaka-Vestine-And-Dorcas-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 2 KB
2 KB 26ms
22ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Umutaka-Vestine-And-Dorcas-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 558e462cee78d9002c7acc3e47932baebf66d884d5b91d8949574dd61e2bc05e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Tue, 18 Apr 2023 07:00:14 GMT
accept-ranges: bytes
content-length: 2380
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Rickman-Manrick-X-An-Known-Cinderella-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 5 KB
5 KB 27ms
23ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Rickman-Manrick-X-An-Known-Cinderella-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 3cf7ea91dd92a1f2dee6bdf6a66f51cf055a0480fd870c7f45d1954742338bd3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 16:59:01 GMT
accept-ranges: bytes
content-length: 5027
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Stephen-Kasolo-Njooni-Muone-390x205.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 10 KB
10 KB 27ms
24ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Stephen-Kasolo-Njooni-Muone-390x205.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 9d3338fd36041126effc1be8e49a41c2f19d33d0d058e5bab372e704a3da7f20

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 06:50:26 GMT
accept-ranges: bytes
content-length: 10249
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Gasheni-Njera-Ya-Wendo-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 2 KB
2 KB 28ms
24ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Gasheni-Njera-Ya-Wendo-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 03f1435a0b78bd52da2cde2ae513469d8fa46b38fe2a63d70c373fe36fcd0447

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 17:31:03 GMT
accept-ranges: bytes
content-length: 1798
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Sammy-Irungu-Guikenia-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 3 KB
4 KB 28ms
25ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Sammy-Irungu-Guikenia-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 5bc4607606dabcb7e671131fdfe54944636f41f2c78d6f980b8c7fb86913474b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 17:10:58 GMT
accept-ranges: bytes
content-length: 3539
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Miracle-Baby-Kaana-Gaitu-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 4 KB
4 KB 29ms
26ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Miracle-Baby-Kaana-Gaitu-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: f2620c09f710c02ffd17d17ff4b8ebb70238ac156da1906ad4de1ee6f3db411e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Fri, 14 Apr 2023 16:44:53 GMT
accept-ranges: bytes
content-length: 4138
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Roma-Ft-Abiud-Nipeni-Maua-Yangu-390x205.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 11 KB
11 KB 30ms
27ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Roma-Ft-Abiud-Nipeni-Maua-Yangu-390x205.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: bee4c6686b0ac3fa61d8ad08cad9044a2e20140cfe277bba25aad2790d0bb5b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 16:18:57 GMT
accept-ranges: bytes
content-length: 10808
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Whozu-Ft-Marioo-Vavayo-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 4 KB
4 KB 30ms
27ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Whozu-Ft-Marioo-Vavayo-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: b46d801466db2b18945cfa2fb2d8d0166b4861856b9fd1caf7719edaceef9084

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Tue, 18 Apr 2023 09:00:37 GMT
accept-ranges: bytes
content-length: 4500
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Kusah-Napendwa-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 4 KB
4 KB 36ms
33ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Kusah-Napendwa-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 9c521a663b174e59fe5ad6bae9e607e3d128322714482d370277faf6eee40db5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 16:53:15 GMT
accept-ranges: bytes
content-length: 4154
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Ambwene-Mwasongwe-Nitaambatana-390x205.jpg
ngoma.co.ke/wp-content/uploads/2023/04/ 13 KB
13 KB 36ms
34ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/04/Ambwene-Mwasongwe-Nitaambatana-390x205.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: fe62676c036f75971a866607f18b3bc57c67e51fc21b1d5c7769e7c947b433e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 16:39:46 GMT
accept-ranges: bytes
content-length: 13173
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 Moses-Bliss-Miracle-No-Dey-Tire-Jesus-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/03/ 4 KB
4 KB 37ms
34ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/03/Moses-Bliss-Miracle-No-Dey-Tire-Jesus-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: e308abd7113c09c91bcd7e8c2fb13a5a443d12bbcc3ee72a5b21ba9a52e0d0ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Tue, 28 Mar 2023 13:25:22 GMT
accept-ranges: bytes
content-length: 4230
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H2 200 ercy-Chinwo-Confidence-130x90.jpg
ngoma.co.ke/wp-content/uploads/2023/03/ 3 KB
3 KB 37ms
35ms Image
image/jpeg 46.105.33.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngoma.co.ke/wp-content/uploads/2023/03/ercy-Chinwo-Confidence-130x90.jpg
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.105.33.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ip210.ip-46-105-33.eu
Software: /
Resource Hash: 20dd8b774fe5994d134f9a617de30a77e3fa18a6fe9ef5e41fd1f41953c3e233

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Fri, 28 Apr 2023 04:22:20 GMT
cache-control: public, max-age=604800
last-modified: Tue, 28 Mar 2023 13:17:49 GMT
accept-ranges: bytes
content-length: 2987
expires: Fri, 05 May 2023 04:22:20 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/ 354 KB
119 KB 112ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9712968225926319&plah=ngoma.co.ke

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9712968225926319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40362b7a62944990f54f14837a7b636cca1bd8b6ff8aa9e0efda6e708b7c943c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121847
x-xss-protection: 0
server: cafe
etag: 3823889591532658017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/ Frame 5769 10 KB
5 KB 82ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9712968225926319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 10952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:19:48 GMT
etag: 2378337311435320485
expires: Fri, 12 May 2023 01:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9FXE22BY1W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-251680385-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

120f7f262e0539301d1f1adf6e0d9ebaa1497e70e54e54a62c020a076f5fc511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 04:22:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-251680385-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 03:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4636
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 28 Apr 2023 05:05:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LDTK57QJ5B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-251680385-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

065ea6001c304e1a363e89288d92059af6fb61a58f231791648c92cdf2179438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 04:22:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 68ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9FXE22BY1W&gtm=45je34q0&_p=701502550&cid=1215495359.1682655741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682655740&sct=1&seg=0&dl=https%3A%2F%2Fngoma.co.ke%2F&dt=Home%20%3A%20Ngoma&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9FXE22BY1W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngoma.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 40ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LDTK57QJ5B&gtm=45je34q0&_p=701502550&gdid=dZTNiMT&cid=1215495359.1682655741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682655740&sct=1&seg=0&dl=https%3A%2F%2Fngoma.co.ke%2F&dt=Home%20%3A%20Ngoma&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDTK57QJ5B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngoma.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 33ms
32ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=701502550&t=pageview&_s=1&dl=https%3A%2F%2Fngoma.co.ke%2F&ul=en-us&de=UTF-8&dt=Home%20%3A%20Ngoma&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=496352283&gjid=815619067&cid=1215495359.1682655741&tid=UA-251680385-1&_gid=1412794711.1682655741&_r=1&gtm=457e34q0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1913771439

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngoma.co.ke/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngoma.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
600 B 90ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ngoma.co.ke&callback=_gfp_s_&client=ca-pub-9712968225926319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9712968225926319&plah=ngoma.co.ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbd6f2b71b78e7699997de0a2c47c560a2970da6257dbddcc2d6ad3f261ef792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 94ms
34ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngoma.co.ke

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 93ms
33ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngoma.co.ke

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1778 532 KB
94 KB 864ms
863ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&adk=1812271804&adf=3025194257&lmt=1682655740&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fngoma.co.ke%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655740392&bpp=12&bdt=277&idt=216&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5450774221228&frm=20&pv=2&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02be05f1ed90a4f488e5134d433b0ce24ea2071aa2aaa91ce9f95f7ecfd8f000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 95893
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:21 GMT
expires: Fri, 28 Apr 2023 04:22:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C07 86 KB
31 KB 986ms
985ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1682655740&rafmt=1&to=qs&pwprc=7289758778&format=1200x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655740404&bpp=2&bdt=289&idt=252&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Imr1cxUVr&p=https%3A//ngoma.co.ke&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

540e4d1782aea501878f552b1f3aa7b005f2ec6b9af920c957618511104bec8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:21 GMT
expires: Fri, 28 Apr 2023 04:22:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/ 149 KB
50 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e786cd2261813a4184e482c22e3b4272ea8009ae3315876cef6fcc7d6ea0a244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51511
x-xss-protection: 0
server: cafe
etag: 16735034078275067970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 36ms
33ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngoma.co.ke

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 36ms
34ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngoma.co.ke

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C606 31 KB
12 KB 413ms
412ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f56556b38b21cc8c0ccda10e7b4d3bae1ed9f2b2fd72df0818c647d9786e072c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: Fri, 28 Apr 2023 04:22:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4CC 32 KB
13 KB 900ms
900ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be8c79d0d5004f26f6fdda9fc9026e26a7e49e09ca7652a7287e2572d79b94be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12777
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: Fri, 28 Apr 2023 04:22:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DED 31 KB
12 KB 273ms
270ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2687bf44587f409fe71cfa360c75fd73aa1b695f94db8cdd6d969d46915886ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:21 GMT
expires: Fri, 28 Apr 2023 04:22:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1C07 6 KB
1 KB 95ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1682655740&rafmt=1&to=qs&pwprc=7289758778&format=1200x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655740404&bpp=2&bdt=289&idt=252&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Imr1cxUVr&p=https%3A//ngoma.co.ke&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:37:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 1C07 2 KB
846 B 108ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 1C07 22 KB
9 KB 101ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:52:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 1C07 3 KB
1 KB 101ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 1C07 19 KB
8 KB 104ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C07 158 KB
49 KB 126ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 1C07 32 KB
14 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C07 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRwEi_ElLZI6bKsmH7_UPptCWwAX84MujcJKcmMDbEJ3tnpaRDhABIJ-O34oBYPsBoAGaq-KyKcgBCagDAcgDywSqBMgBT9AY9GaV6wi3NcKwAZIKSuKFQU9AOcv0dLSBndZrwdaaQBvcRS87PtJd5HiWFl7xe9KEC4-hlHDE3-BYGDzYF0S7ABw2JJGMnmxeGOsDLhMDuIRUxpPcYTQrEYOpDCyx8E5bmUgMI51avAZl2VM5mRmUl4iTjmYKOhfkkgNGt95NGoHfy7czdIwjj2B8DQlUMkKJ38mE6kkUKWPKw7LSHJxQ31RXygtAkC-1RXEYd8O27wyZulebfiJ-CcjiMqvch2rJr_EE0fPABIvp3JerBJIFBAgEGAGSBQQIBRgEoAYugAea47KSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJjJBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi05NzEyOTY4MjI1OTI2MzE5GAA&sigh=_zbOptBN-do&uach_m=[UACH]&cid=CAQSGwBygQiDRjC1GaNPH0C4Gz_R9LtOK_iLsLgzQxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1682655740&rafmt=1&to=qs&pwprc=7289758778&format=1200x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655740404&bpp=2&bdt=289&idt=252&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Imr1cxUVr&p=https%3A//ngoma.co.ke&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 04:22:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngoma.co.ke

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame 4663 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 23414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 21:52:07 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 21:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame 0A42 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 23414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 21:52:07 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 21:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame CD31 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 23414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 21:52:07 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 21:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame 92E2 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 23414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 21:52:07 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 21:52:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18245590622285037737/ Frame 1C07 17 KB
17 KB 77ms
47ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18245590622285037737/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f69df537066aa235270e9ab7c8cd6874853552a3e5b84d3a68a624d16140d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 17:01:10 GMT
x-content-type-options: nosniff
age: 127271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17526
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 02:54:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Apr 2024 17:01:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10021709161256309126/ Frame 1C07 2 KB
2 KB 75ms
45ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10021709161256309126/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe4b186de87b21d9f395c8f5a129ebdf0e1ba24a24e224f4f1b07c2332eb681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:17:23 GMT
x-content-type-options: nosniff
age: 475498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1889
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 23:52:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:17:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4663 5 KB
732 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:31:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4663 205 B
294 B 26ms
25ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:00:39 GMT
x-content-type-options: nosniff
age: 1302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 27 Apr 2024 04:00:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4663 604 B
918 B 25ms
24ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 1239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 27 Apr 2024 04:01:42 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/ Frame 4663 19 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8031
x-xss-protection: 0
server: cafe
etag: 4566461469134147509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A42 6 KB
768 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:36:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 0A42 2 KB
799 B 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 0A42 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:52:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 0A42 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 0A42 19 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A42 158 KB
48 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 0A42 32 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CD31 6 KB
768 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:36:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame CD31 2 KB
799 B 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame CD31 22 KB
9 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:52:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame CD31 3 KB
1 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame CD31 19 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD31 158 KB
48 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame CD31 32 KB
13 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 92E2 4 KB
718 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:35:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 92E2 2 KB
799 B 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 92E2 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:52:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 92E2 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 92E2 19 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92E2 158 KB
48 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:21 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 92E2 32 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:33 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/4400126912136404509/ Frame 92E2 38 KB
38 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4400126912136404509/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1eaf220371512ea6b05e40a3c517022b212b504d06c88492746cef2a637e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 10:55:11 GMT
x-content-type-options: nosniff
age: 62830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38753
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:13:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Apr 2024 10:55:11 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10021709161256309126/ Frame 92E2 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10021709161256309126/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe4b186de87b21d9f395c8f5a129ebdf0e1ba24a24e224f4f1b07c2332eb681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:17:23 GMT
x-content-type-options: nosniff
age: 475498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1889
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 23:52:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:17:23 GMT

GET
DATA 200
OK truncated
/ Frame 1C07 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e44b329cdec691a25384c265efed3fcadb0e52b8fbbd011490893a19510a574c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame CF17 9 KB
921 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 03:30:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 04:22:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame CF17 2 KB
765 B 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame CF17 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:52:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame CF17 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame CF17 19 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF17 158 KB
48 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:22 GMT

GET
H3 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame CF17 32 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C07 15 KB
16 KB 91ms
28ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 478649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:24:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C07 15 KB
16 KB 116ms
55ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 472687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C07 15 KB
15 KB 94ms
35ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 8165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 02:06:17 GMT

GET
DATA 200
OK truncated
/ Frame 92E2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 648791b3c60db34bc563694f41c97c1c5b1600be4a7366d9a3bcef12f02d15b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D31 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9LiY_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgSxAU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6xoZ2xcLe9eaqyUo9trzxb6ZxkYfUJllCseaeWLKZtUSacX1UoX94AGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcxMjk2ODIyNTkyNjMxORgA&sigh=InpU7kKHfvw&uach_m=[UACH]&cid=CAQSPABygQiDnlzf8sZNxNepuKrtYR_HvTIslRdcK_rCaQN139j8Y1e0BLHYWGJRrsN1NFypOKa9vLbvcVb3hBgB

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 04:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2D31 0
0 79ms
26ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jz6adr546hcc8pf7g4rs7zn8bgzyv0bzsd6ed30edp1t1na7pphrcym2w96x7743vdg1zypp5qwxyav5xc3abgp89gwa75dxpzq0yap04qb4vkj77rma0ye2v762vxs6nnk87rwj9rnyx0a074py78mxwahpegzbb8pwrggjz56nff0qcfzqfwj24nepqv0ef5vxz9zw1fen284mw3xw3mn7k920dzasd712tyefr5jd90yth1an4hrw8442k03ec4bv4w59kw9befsjw3z9gah3299es4p2324pd91b6sky4c1pfnhdb7g7gj66zfsxzhv4rzzvqkajm08y9gk1j97qjwp9q5skcnxdhfvbs0pf1bj4b4dq3g5axa4zn0nhrhv4nb33656nyav&b=ZEtJ_QALN9oIu8eFAApTtQ7YAYKnuYOLmkIAZw
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0C74 2 KB
2 KB 91ms
38ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba121a02b7da81d7bd27266dfab2fa64cd0769db999fa30237827e2f98066e4e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bec86150b000263-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2D31 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8FBF 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 33717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 28 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2D31 19 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D31 0
0 95ms
33ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJspp9ooLF-eqq3uEWmSTat_K2Ds49FBC90YbHanAuxysr9pIRrrXL_1OEiv-VuokaEJmwn4jJVl76q3wIpqe-QIdsaQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D31 158 KB
48 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 92E2 0
19 B 70ms
70ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFnFA_ElLZMKuKfiC7_UP5LiLyAe2oKqccLTiwKjkEZ3tnpaRDhABIJ-O34oBYPsBoAGaq-KyKcgBCagDAcgDywSqBMgBT9DQq59yVhUUS84V8NHd9AV5dS6SPdiBslisPZavFJ_cfUY_0IRzlL2U_oBoj7N5bFIpLVWbJTTn6UMH3taO26RQ5Ib4rr7Ry4v7Q6tHYXLth5kRMUoB7TGksmHxaKJfBwb9SeoY5w9k-JgrRYBrxS6P7IZ_dZ1ldvda9is1jchoz5AbHdJbaVW1IDqJ7W7rJLbTXU6pF-mZgKDYdFEVM6StzYR4XO9eiVae1LdWhfxy3PbvCyzxqkM3RShumzIzFz5Bq8D3dLzABNanwZCeBJIFBAgEGAGSBQQIBRgEoAYugAea47KSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEK6ZP9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi05NzEyOTY4MjI1OTI2MzE5GAA&sigh=QKrK-IGXYV8&uach_m=[UACH]&cid=CAQSGwBygQiDUv_5ecdW1azBLeReQl0M5zIWA-U0KBgB&template_id=484&cbvp=2&vis=1

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 04:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47F0 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTzID_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS6AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-iw6db3RMamZQ-CuZfykyeMhh0nTAKNsSUnu3OssE0utnMnuu9ncDYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcxMjk2ODIyNTkyNjMxORgA&sigh=fz6ib_rOmjg&uach_m=[UACH]&cid=CAQSPABygQiDo964Sdkj7rnbrswj9bHzFrxGMdKkpK38LPnoBxiRMTDi07G6i_pYiNa2XBzViuln9vhEHQtcZhgB

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 04:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 47F0 0
0 26ms
25ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j08atzcx3zjbdw2wfbwje87zneze2syh5j61vhc372za3z51k2y2gaxr7hvfwd9my4at7me0bvw6ygmbx7zbfenfqzp9n0dh6s4yzvdeymrty0vam181s8n5e976f6a3n6zpje8wdybgxj505fyhfy2zb8k0dc7bjx1zj3fzmwbqar04z3185c56cznce6tm4r95ce32whnmk69fgv1bt6b7f7768d9qc1bcvfmp0rj115efxhzksqt4yp6371dh8nhwzr1cs7phyvfz7xye1wgxq50q1zpmavbk1e8hcxfm5nza9y2qkqb6sm9nmm92wyntz17k75b566r01r0gn5z263de9rqp4pd99p8fk719r0vby6ejy8a96z0ej13be98t8d1dg&b=ZEtJ_QAKirwIu9CkAAlYpsLJF1y49H-TRF-4Qw
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6CAE 2 KB
1 KB 36ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

776adaa9056bb192f6185030ea0fdd4b7bb451aa99b8d037bd02c5d7495cb554

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bec86159b280263-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 47F0 3 KB
1 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B02F 1 KB
643 B 28ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 33717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 28 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 47F0 19 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 47F0 0
0 35ms
33ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKi4As9eK6RbpqQmDLlx2jbnua7xg55w0XobjUWjLZJbF7iZtqZoWEg1WX6BOCtMO0lTHVlgVGin_w9ELKntS800D3JQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47F0 158 KB
48 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:22 GMT

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 95E2 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:27:55 GMT

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame AF10 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:27:55 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 0C74 94 KB
12 KB 30ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 235060
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTRUKCJT%2B8Rpwf9cdlihJV0ArftR1f25Oi%2BaYOFQYCmthezRF2Kvn2ar4hXfB9G2%2BKx2nHFD4e2Creq39eLmH4nAW50rjY497onwbZOzQzEuezNdUh964gUkucWtqlOU5FFFkPjj1sQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bec8615ebd73cb1-CDG
expires: Fri, 28 Apr 2023 05:22:22 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0C74 25 KB
10 KB 41ms
29ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 292555
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4umtt0zopDx8qwuTfW%2FhRDK%2Fag2SUYqPan5P0hehFbXxoKqb%2Brd7TjbVV%2BRvjz%2BnTFoSqB5E%2FxLmGmMlnDAMJd3NmYO%2FJPxj4UwIbzOCJwAkCYrHPPb4dK7hMCl3bIRXn8H7e8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7bec8615fb460263-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 13:45:45 GMT

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E27 36 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:27:55 GMT

GET
DATA 200
OK truncated
/ Frame 2D31 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27aaeb4b5b32d0f0f6e4046aea8e577c75a9e50cbf7489d925c0da05c5f2db29

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 6CAE 94 KB
12 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 235060
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eTTKKcvGyNcBNbuWuDeBU5BEeC5mteSLog1pbLv1B%2FRx0iNf%2F6WPGIEoxKlO5EGv%2FVruWrByihDFgr6th5FIkRQZqeHDvH8D%2FMKjSkzo09FGKx3rJr4wa6nPQSkrkVy9a8bBP1I%2FJY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bec86166c193cb1-CDG
expires: Fri, 28 Apr 2023 05:22:22 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 6CAE 25 KB
10 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 225395
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QndLK47qDywTrCCYgycoljqvc1nWCwQFllysaY%2BSUHQ7f4UbUNFAfwQXCKUhYqRcOBsWp%2FFrhlAOqY%2FWljycuXQQaH6R1Qo%2FbDAi1bJhbHBd4lVrgBhBtkOZedC%2BheAV4121eKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7bec86166c1a3cb1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 13:45:45 GMT

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7818 36 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:27:55 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8FBF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENHbtrsYo7HDVDsMbM3-btc&google_cver=1&google_push=ATf1kGNhSU5VRptwBpOijQjeYtG8HktV7jVr6joRU5l3Mlf-BWvfyiWAKCM-T4DHLR8fIYqsh21Dxb3mArhxGNEXUkdZcQdXGWNSDw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYyMzUyOTA3NTU1NjM3NTc4MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1

43 B
398 B

62ms
22ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8FBF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ5t8GeWxUQFkwShmQ6cuEY&google_cver=1&google_push=ATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ5t8GeWxUQFkwShmQ6cuEY&google_cver=1&google_push=ATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDi...

43 B
417 B

173ms
172ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ5t8GeWxUQFkwShmQ6cuEY&google_cver=1&google_push=ATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bec86184d5d2a59-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 166
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ5t8GeWxUQFkwShmQ6cuEY&google_cver=1&google_push=ATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDH8e3z1khOgicbg3tS4DMERm2Jl0lCsWfjPdDmXpArW7o7fK6aZRms4No0KKkVportgNR0uwJdyTvyIMUII7C5cEpEDiQCsM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bec8616fcda2a59-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8FBF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHPhy-K7IH5yiXKBuS5Jzzw&google_cver=1&google_push=ATf1kGNKf9Pqyk0k0vdHzj4Fdxt1vvnFOfDh8S2_3qOEga8lavzzwrYz44fJrtHLlsjyTH7JWMEa-T3v1eEGSUwN...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jlXGQLoFSJKj9LGOKnE3EQ2&google_push=ATf1kGNKf9Pqyk0k0vdHzj4Fdxt1vvnFOfDh8S2_3qOEga8lavzzwrYz44fJrtHLlsjyTH7JWMEa-T3v1eEGSUwNRbDEd1rbIR3OZqY

170 B
329 B

36ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jlXGQLoFSJKj9LGOKnE3EQ2&google_push=ATf1kGNKf9Pqyk0k0vdHzj4Fdxt1vvnFOfDh8S2_3qOEga8lavzzwrYz44fJrtHLlsjyTH7JWMEa-T3v1eEGSUwNRbDEd1rbIR3OZqY

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jlXGQLoFSJKj9LGOKnE3EQ2&google_push=ATf1kGNKf9Pqyk0k0vdHzj4Fdxt1vvnFOfDh8S2_3qOEga8lavzzwrYz44fJrtHLlsjyTH7JWMEa-T3v1eEGSUwNRbDEd1rbIR3OZqY
x-host: tde-deliveryengine-production-69d487867f-w6bz9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sync
x.bidswitch.net/ Frame 8FBF 0
71 B 119ms
27ms Image
text/plain 35.158.72.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF1Lk8TAx_0WKXYc2GYa6d4&google_cver=1&google_push=ATf1kGPdtVeDpy4YdZRel9eP-xeWriXxkqt_7VJAddyKxOLJBq1RLKcjdiO1SDLVWMtJWZCw6dIpA7P6litmfKvHWsQwep-HCa-SVxs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.72.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-72-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
cache-control: no-cache, no-store, must-revalidate

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8FBF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAxA7PlDPyM1zNN-mvIrOKs&google_cver=1&google_push=ATf1kGNb_ehrz-1-ZzoilemIwFPpzxM5IfAE4XeT2H3Pcp2QfhZYBbzA_CnNpWqjvemFw7p8vgf5y53yt7RSPR1cx8rQ0-v...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNb_ehrz-1-ZzoilemIwFPpzxM5IfAE4XeT2H3Pcp2QfhZYBbzA_CnNpWqjvemFw7p8vgf5y53yt7RSPR1cx8rQ0-vfhcfzSxk&google_hm=eS1lUkRfQkxaRTJwR3d...

170 B
232 B

35ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNb_ehrz-1-ZzoilemIwFPpzxM5IfAE4XeT2H3Pcp2QfhZYBbzA_CnNpWqjvemFw7p8vgf5y53yt7RSPR1cx8rQ0-vfhcfzSxk&google_hm=eS1lUkRfQkxaRTJwR3dCdUE5clBUb3BIOFhmRmtPbHZ0cn5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Apr 2023 04:22:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNb_ehrz-1-ZzoilemIwFPpzxM5IfAE4XeT2H3Pcp2QfhZYBbzA_CnNpWqjvemFw7p8vgf5y53yt7RSPR1cx8rQ0-vfhcfzSxk&google_hm=eS1lUkRfQkxaRTJwR3dCdUE5clBUb3BIOFhmRmtPbHZ0cn5B
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 8FBF 35 B
125 B 140ms
43ms Image
image/gif 213.155.156.180
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEOQXsImXTujOzujv5auiMb8&google_cver=1&google_push=ATf1kGPwZN-MS36hJDeMTY4PXBDEa0boex4ikGlwYX7W9mANDWhPsaH6zt_FYucCulXAyFwqswDwbLmAoRdFLK078JQKP6iJMdh9l1o
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=50&adk=3755119921&adf=3838016959&pi=t.aa~a.1178891283~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x50&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=2&bdt=1524&idt=2&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280%2C310x250&nras=5&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Vl5gS5vr5x&p=https%3A//ngoma.co.ke&dtd=58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.180 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FBF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAvnqBeQGs5_4WcAbnXfJ-I&google_cver=1&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2DEb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAvnqBeQGs5_4WcAbnXfJ-I&google_cver=1&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uh...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwOTI3MDc3OTE5NTcwNzc5Nw&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2D...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwOTI3MDc3OTE5NTcwNzc5Nw&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2DEbVpRiNa5qoJe6dhJo_1ZZ9w

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwOTI3MDc3OTE5NTcwNzc5Nw&google_push=ATf1kGPVbbBVs9zWxhVwgOl4zZPvoX5y0NCKMB5QdexNAzZa2e6kEtOZcWPDHsHmLce4q9ko4uhY2DEbVpRiNa5qoJe6dhJo_1ZZ9w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8FBF 0
130 B 117ms
32ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ldsr-JxOsKI4S9FXdYS5qg1jaeDyaSf6T0Iewr06_SsQ7PZf0Oe3Hb67Ah3nDRxe7FJuNw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame ED0D 36 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:27:55 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B02F 70 B
265 B 120ms
36ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDODLp8PpJT6zhzruidW0vw&google_cver=1&google_push=ATf1kGNvkeBebeIWumcNepBLDtWO66Pv2Q5pCCpWpNLD3vkzEDONWVIDdecNPduKqBo0hioUVJU_A-ztacwdjXfw1XaDvMK4RA8caD4Z
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B02F 0
174 B 81ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDygaLZ5VIXykujXfD3Lez8&google_cver=1&google_push=ATf1kGNSdF_Py7nR20kwO40gke7IfvbkXJFkjFVL9i1wJ6LaBVbXosPzx17Z-x0CrpvaqEprUt6ajk5UPo1TMSDMWJ5yOyxCpcRKlQWc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B02F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL_ItXlL7izFwQTEzIFkTgs&google_cver=1&google_push=ATf1kGMJ74_lUwAcM7wp_M_dUmzcJCsF7RLt5VXgMmjubnUQfZk9gYRD8VHBekh3K5eqtwMNgqAz5-1zfnlthZFs...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f9pjj_1HQuedLfgSv7fmpg2&google_push=ATf1kGMJ74_lUwAcM7wp_M_dUmzcJCsF7RLt5VXgMmjubnUQfZk9gYRD8VHBekh3K5eqtwMNgqAz5-1zfnlthZFsV6SYTYIKpAm3B7cY

170 B
232 B

37ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f9pjj_1HQuedLfgSv7fmpg2&google_push=ATf1kGMJ74_lUwAcM7wp_M_dUmzcJCsF7RLt5VXgMmjubnUQfZk9gYRD8VHBekh3K5eqtwMNgqAz5-1zfnlthZFsV6SYTYIKpAm3B7cY

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f9pjj_1HQuedLfgSv7fmpg2&google_push=ATf1kGMJ74_lUwAcM7wp_M_dUmzcJCsF7RLt5VXgMmjubnUQfZk9gYRD8VHBekh3K5eqtwMNgqAz5-1zfnlthZFsV6SYTYIKpAm3B7cY
x-host: tde-deliveryengine-production-69d487867f-w6bz9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B02F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPnQjgEIQzRygrr-B7w1hkU&google_cver=1&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPnQjgEIQzRygrr-B7w1hkU&google_cver=1&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJ...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ea30b1b1-1368-4d5f-a8cd-b726cbc4604f&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ea30b1b1-1368-4d5f-a8cd-b726cbc4604f&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=912eea59-32a2-4742-a668-259ffbe0ae5b&ssp=google&expires=30&user_group=5&bsw_param=ea30b1b1-1368-4d5f-a8cd-b726cbc4604f
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4I6egayNAfke3&google_hm=6jCxsRNoTV-ozbcmy8R...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4I6egayNAfke3&google_hm=6jCxsRNoTV-ozbcmy8RgTw==

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN7ONB5t90E98wWlQHx7PclfphTA-cahlmY5LLVQ1fi4jsPuNmIu5jrbg43O3dHdBUG2SjR0JdkB5kKFJFRQao4I6egayNAfke3&google_hm=6jCxsRNoTV-ozbcmy8RgTw==
date: Fri, 28 Apr 2023 04:22:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame B02F 35 B
125 B 97ms
44ms Image
image/gif 213.155.156.180
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEKKzjnmGP-l17ReytTSmcf8&google_cver=1&google_push=ATf1kGOaMCR4cIZhcvJBG9YftJ9SKT8ADcE3FFnitxOEXQtwF2WMM7Sk-8rhah9rx8Z4_RnoIdMznipTGQkdZ_Jz_uyfiQRwvhRfT41Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.180 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B02F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMVrKIC-Q79yRbf9ToM7uJo&google_cver=1&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRdmJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMVrKIC-Q79yRbf9ToM7uJo&google_cver=1&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73X...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNjc2NTU3NzMyNDg0NTYxNg&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRd...

170 B
188 B

39ms
38ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNjc2NTU3NzMyNDg0NTYxNg&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRdmJs5Oo_QN_RRmkJAd4CCNgzNo

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNjc2NTU3NzMyNDg0NTYxNg&google_push=ATf1kGPnncODkF0nT3FRkKXQGCZ9wZzJjM_V5GtMk1DjYkZgNMblJKDcgnmnm65y4Y4IU9wp73XRRdmJs5Oo_QN_RRmkJAd4CCNgzNo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame B02F 43 B
351 B 75ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAd_Ca25DkSrfpJfG78Fofw&google_cver=1&google_push=ATf1kGO4O7MSavEqmMWNlXxwGlny0-qdwDkWewHFGagfDtuA_18NSSB2p-bx4fc-3gT9T8RL4fvhL6VHUN6sYqVdFonq_rH_osYFgaPM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=280&adk=3332885161&adf=1302256761&pi=t.aa~a.2346554522~rp.1&w=390&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=390x280&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tvKtpAMQml&p=https%3A//ngoma.co.ke&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lhsqe0gaimmj1q6g6biha4d25gb80vud

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B02F 0
49 B 72ms
32ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIqSNbt3Kos6-iJU9jNlgjaEWqdRaNYEipph9zj9FfF2ps_R2Zgfud0FPGHGmuFaLQm29v

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 47F0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27ac1c4688a85355dbc4a4d40e1dc1e65b70683bce1292e752fa630efcb6b98b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0C74 3 KB
4 KB 80ms
29ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301
x-guploader-uploadid: ADPycduyHLSdhcuxxwfWo9w1HXuwuSAWD-JHISUDyzdiC5u6R36rku9n4b-sB_Ckwt1FDAf_JYuG4toNUWeilQ_EzEg4XSafKMc6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd016kCuBVNwLPbVr1JOQIuPylKjOnnsjuU3740Fw7kp%2Fs3bXugZ%2Flb5xjwxyx3TumpPaCrglEEFsxVPk%2FJpZqrpkKltv6E7K2uQQSYuGm0zF%2FVCc1scuDvqTxmhKxgHkZ0DWNSo5jqQq9fuJ%2FMDaJpp"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7bec86189a10d4f6-CDG
expires: Fri, 28 Apr 2023 05:05:26 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 66BB 2 KB
1 KB 26ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2105762
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7bec8618bd0f3cb1-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTHWGE%2BvUECLe0XT0LenzsRpBz08QMAMRwAVMJ3a9gombSLAa%2F4WUBs%2FttnyCCAKRYlXmpUEQ4AZFJkQKKRpLudAPuxQBi4m73VSmXXvWybYxD8wa9so6%2FnKS0u1fj%2BHjRB3OCk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6CAE 3 KB
3 KB 29ms
28ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301
x-guploader-uploadid: ADPycduyHLSdhcuxxwfWo9w1HXuwuSAWD-JHISUDyzdiC5u6R36rku9n4b-sB_Ckwt1FDAf_JYuG4toNUWeilQ_EzEg4XSafKMc6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLx%2BCCQfMAjB1Zg9HY2%2BQ5ubpi2wndv3f2rmvZ6lw5DgNfTZrZqWVtjF4FrG0JNEASp3RZyEptauwvyibN5Hcj2QUl5mh6%2BQ5WSuaToJZN5aBPciZjEYboiRpq4TzTXAp6Xo9ZJcwx%2BDHgvfhwfL8Nz6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7bec86191a2ed4f6-CDG
expires: Fri, 28 Apr 2023 05:05:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5EFE 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9QcW_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS6AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gahHNM0U2f6hjkOkKmPSE9feWEfbMpGfsM4Ke6pltaPPOlLAJzH_oYAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcxMjk2ODIyNTkyNjMxORgA&sigh=ALewc4Q1HjA&uach_m=[UACH]&cid=CAQSPABygQiDsKbIpuhUCukd23S4MvN4_LrUQV1WoVO3NWjltz8yU_I-w6Iupnmq9u59H7LUm6Uah7EQfyPRRxgB

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 04:22:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 5EFE 0
0 25ms
24ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kn6er9fz6wv6rmty8dzxt340b01y45da7fxtv8kc0zx0e03nrn10tbvrtfmz50qqfeng1cw7a96dprt4zpydy2qxffaxs4jgs832jfr7n2c9334sn0h9y3vkp45hwb6evw0r1xz343mq7w6ktky5eznewe4fk2yzz7d2qjxtj447br87emjg8v9n76xdvdj2jhw94gpkfc3170by8nkseh4ks6e8sb5gw3wgm90c482h4508k6x16r7mpz3scttzwnsqager2n1mzc0cfcnr2w22yhsy1kttff5ey43my3w5ftr2676bpyrfwm9azax1xb6sfrssfk4yrwpg54vm6ve4c2p58jwve1brbhc2nm6kwv866csps3pygkt0d3whc7tczsap0&b=ZEtJ_QAK5n0H_ZETAARY9WSKGoxt--8_YjO1_g
Requested by: Host: ngoma.co.ke
URL: https://ngoma.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 9026 2 KB
2 KB 36ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a08b041c4e367f9aef48aa1749c38bd8bb71bfe2f72ec9cda80af222458b920b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bec86192dba3cb1-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 5EFE 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 14:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 14:37:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE27 1 KB
643 B 26ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 33717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 28 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 5EFE 19 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 00:53:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5EFE 0
0 34ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThTmUxFgky4jGIDUrsy48BX_7jsUouXSxRkm6pbAOP_kdQsFKQj1mJWgtAxV7NoJu3GjJRW41bdWiazO2B3rfDk9ph0A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EFE 158 KB
48 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 04:22:22 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame E2E5 2 KB
1 KB 27ms
27ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2105762
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7bec86193dcb3cb1-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 04:22:22 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E80SSFrLC2uEFsqz8cUGOXoo4VlVHiA9hbCJNwZAAJppBGzXpTymp8ZOVxRfImFRJyaOR9g0CRYhtHWNMlMLVN40PHrss9s5YrRd4xcGpeQwSO%2F0bOLpMjgsjhbagfofGt6xOH4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 0C74 1 KB
1 KB 37ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75da6db2b94f44fcad69e9579b7bd59b2c6f27810cc887c0f6f53b2d9c6fca78

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZhXLhiw945nhkggdPrTjwLZpdgOuRcggRJ6MdCjoarhr7cM%2FVjQn74Fuea7BQlOh5rX8yfLtq69S4CyDzuY%2BJnZCkkjEbuwGNv6XFwcA2fzaDZVWurvjWqDFCFw%2FYzAVi4xZIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7bec8619bbb001ed-CDG
x-backend-server: aa-reachservice-group-europe-west1-q5px
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 60ms
36ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bec86197b9a01ed-CDG
content-length: 24
content-type: text/plain
date: Fri, 28 Apr 2023 04:22:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnGs1N%2FIvH%2BzXyM7rs5IFMX%2FVlxif8VnE%2FET%2FQIyChhH2%2FsTt9WM24%2By4a3mzxHl7v6oVct5%2F%2B7xlPLcDXYx%2B5D8QahxfPGHoaC41jAjti21Wvg463kR0BRLn%2BrQOaeYsz3GrUg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q5px

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 9026 94 KB
12 KB 29ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 235060
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDU9Rtlm9DNRb8yEiMJN3psr4pS8btnT2lsF%2FfhNOl1io0W9x8gcW3aTw0vmfyDIAK08N3J85eyySRffiEwjQwVAtJ0GNEBSWxvrwAQj%2BXjxSLjmj0aRt8XPK9nvGWEHue6tMJZDUKA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bec86196ddf3cb1-CDG
expires: Fri, 28 Apr 2023 05:22:22 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 9026 25 KB
10 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 225395
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi%2BynEbaURbKNT395w%2BpjmmXl8Hs7Iw4gQABdnBiJQ3jQVppOcG9pqrB0iyCod7N6F8%2BPkKYC6zCmi5aikWDMf74FbfWNkyoPQgA7OcqjjU30Q5jX%2FLLd84JcOAb1yGWpfjyLwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7bec86196de13cb1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 13:45:45 GMT

GET
DATA 200
OK truncated
/ Frame 5EFE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67b0b164828b91b7c74bb66bbcf95543be12e9ba4b76e7dcbfd180c248c0ad61

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EE27
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1&google_push=ATf1kGO_VISXeWRr5xX9tFX7mbd5TfRr2zV_YMRvA7NxmwXtN44GX9dCRvkJhTd8yTPC_4wM1f8Vhvm_uosMH2fHRSrbJa3H4-wO_ssL
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYyMzUyOTA3NTU1NjM3NTc4MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1

43 B
398 B

23ms
22ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMS4NoRZs7EXamH1vxzQW2c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE27
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QUoyUlc4SE8xUFNmQ0w1&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cver=1&google_push=ATf1kGNk5gUU2Yy1_AU5QHj4kfhEip4vAaKTgHmUGky4KzR...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QUoyUlc4SE8xUFNmQ0w1&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cver=1&google_push=ATf1kGNk5gUU2Yy1_AU5QHj4kfhEip4vAaKTgHmUGky4KzRcmePHNywfmNBp9_ucvV1cYcCLUu_pmsV05tqK7w_EwIcZ41EJBVfZgAMr

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 04:22:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05bcdf9d4cddcb229@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QUoyUlc4SE8xUFNmQ0w1&google_gid=CAESECzRhuSZg6GdEgw1S7ChQi4&google_cver=1&google_push=ATf1kGNk5gUU2Yy1_AU5QHj4kfhEip4vAaKTgHmUGky4KzRcmePHNywfmNBp9_ucvV1cYcCLUu_pmsV05tqK7w_EwIcZ41EJBVfZgAMr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame EE27 43 B
441 B 176ms
173ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEExFsCyPe53fM1Ty2ae3seY&google_cver=1&google_push=ATf1kGPhBfGj0LkWFT1VKyYiAriVT6JHONxpHZco-M7B8S4SWyUbk7ok4WsVVGAepaDGsA_Fe23Et974rsxkC-fOxmrGucqDPne2eIgK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPhBfGj0LkWFT1VKyYiAriVT6JHONxpHZco-M7B8S4SWyUbk7ok4WsVVGAepaDGsA_Fe23Et974rsxkC-fOxmrGucqDPne2eIgK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bec86197dbf2a59-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE27
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED0A6mlHxSkC6prEybvK7IM&google_cver=1&google_push=ATf1kGMLrAt8fyID8hSrr6bgxCSAXMQGCF0xTNxoqeSo1TUWXUtRTxan8WxVaSxZpNfMOVdzAEOqn4aTZ3n...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMLrAt8fyID8hSrr6bgxCSAXMQGCF0xTNxoqeSo1TUWXUtRTxan8WxVaSxZpNfMOVdzAEOqn4aTZ3nxBVxf_lWlOSqLCqk-Er-D&google_hm=6GBCVt4JTVS3A54o...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMLrAt8fyID8hSrr6bgxCSAXMQGCF0xTNxoqeSo1TUWXUtRTxan8WxVaSxZpNfMOVdzAEOqn4aTZ3nxBVxf_lWlOSqLCqk-Er-D&google_hm=6GBCVt4JTVS3A54okbaJ62o

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMLrAt8fyID8hSrr6bgxCSAXMQGCF0xTNxoqeSo1TUWXUtRTxan8WxVaSxZpNfMOVdzAEOqn4aTZ3nxBVxf_lWlOSqLCqk-Er-D&google_hm=6GBCVt4JTVS3A54okbaJ62o
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE27
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELg30ets68KTcIRUcEjbR7U&google_cver=1&google_push=ATf1kGMmoce8Cj33e-XnRr6gLgVOaBtqZP1BVsdslPyvYKW4gwWt63yQGvp9ZHTo3KN4R5oV1XWW9BTMwcdMOh...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjk1MTM4NjYxMjEwMzMwOQ%3D%3D&google_push=ATf1kGMmoce8Cj33e-XnRr6gLgVOaBtqZP1BVsdslPyvYKW4gwWt63yQGvp9ZHTo3KN4R5oV1XWW9BTMwcdMOhxbEd...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjk1MTM4NjYxMjEwMzMwOQ%3D%3D&google_push=ATf1kGMmoce8Cj33e-XnRr6gLgVOaBtqZP1BVsdslPyvYKW4gwWt63yQGvp9ZHTo3KN4R5oV1XWW9BTMwcdMOhxbEdCZ3pEN0zqE3ILm

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjk1MTM4NjYxMjEwMzMwOQ%3D%3D&google_push=ATf1kGMmoce8Cj33e-XnRr6gLgVOaBtqZP1BVsdslPyvYKW4gwWt63yQGvp9ZHTo3KN4R5oV1XWW9BTMwcdMOhxbEdCZ3pEN0zqE3ILm
Date: Fri, 28 Apr 2023 04:22:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 dds
rtb.openx.net/sync/ Frame EE27 43 B
135 B 27ms
25ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECbIZOctTNPqoIdXd1s1XGw&google_cver=1&google_push=ATf1kGNdUxzBv5l2Y85-rDovNWI2SZSw36S-oSyUTydqrrqmf-HAR0ZocaOuGU1bzOb-TD0PfSXkxtodY4jrQI4G1f_Y2b6idcSPKXcZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9712968225926319&output=html&h=250&adk=100150979&adf=256851991&pi=t.aa~a.3086038225~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1682655741&rafmt=1&to=qs&pwprc=7289758778&format=310x250&url=https%3A%2F%2Fngoma.co.ke%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682655741639&bpp=1&bdt=1524&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df2d46111199030e8-22e88fbb6edf0096%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg&gpic=UID%3D00000be629e805da%3AT%3D1682655740%3ART%3D1682655740%3AS%3DALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A&prev_fmts=0x0%2C1200x280%2C390x280&nras=4&correlator=5450774221228&frm=20&pv=1&ga_vid=1215495359.1682655741&ga_sid=1682655741&ga_hid=701502550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759842%2C44759876%2C44759927%2C42532186%2C44785295%2C44789761%2C44789779&oid=2&pvsid=8829951956623&tmod=960314039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=omrUbPdgg4&p=https%3A//ngoma.co.ke&dtd=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: tqr9u1cv15guigh8u3iher1u5k16rqcr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE27
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n3FFdAoiSvu3JUFVqrt3Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n3FFdAoiSvu3JUFVqrt3Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMrfjI4LmFqUitTH7BHF9FVccIJfneAIWQlqDze4BbxzkoWOzzeP6xCrRhqUZw7VeGB1ffUQ1GGiyf4UMXIkyRKxfRWIemi63G5

Requested by

Host: ngoma.co.ke
URL: https://ngoma.co.ke/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n3FFdAoiSvu3JUFVqrt3Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMrfjI4LmFqUitTH7BHF9FVccIJfneAIWQlqDze4BbxzkoWOzzeP6xCrRhqUZw7VeGB1ffUQ1GGiyf4UMXIkyRKxfRWIemi63G5
date: Fri, 28 Apr 2023 04:22:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE27 0
12 B 35ms
33ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTSJ0IKEWe3HJvGyjYpYcZr8bQLtjlzzyUDReCb29DPzFp7QR7Cg-B9nfaxYJ5R_Yvv-WW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9026 3 KB
4 KB 26ms
26ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1958
x-guploader-uploadid: ADPycdvGjpVJZq3WkkEyKeRx9w5VBr6HSb7bYmd9XE8XWgLk4mLsyw99_QmDTNp28L5gD_Ri1n3Fn_sn6yWC7AjAQOphPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCgTFke4S%2Fh0mMCiWz%2FAbradJ1yqOdO%2FwdEXSQsDyboh6dYvXec5nH44lvpjVZ8qL5BdASLBfXNozsr%2BZ0sZPYDhjByEoevBJQSIkIZjCLEHQwQe9E2LKxixlHnNTXiC%2FnW8Gk6pwXS5fKr84Dd1WlRg"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7bec8619da57f110-CDG
expires: Fri, 28 Apr 2023 04:17:20 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 57CA 2 KB
1 KB 27ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2105763
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7bec8619ee113cb1-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 04:22:23 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBYwSSx49Dyp44dHAquI1BEoDzfnLDkB8w7f%2FzxTGqyJrbdFn52Oc5kln68Hvh6PJAd23FWHJ%2FqsCy%2Bz49Nm6G53OK6MV2mzDBt0DKYhj4p2xvZYELakue7cbFBbVvy75V8aZCs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 6CAE 1 KB
2 KB 49ms
48ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2df6ef6434233c0f2416425f974602418af670f75d4b94a68cbea707855afc35

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7praWL%2BgRAZc73TgRfJHOPNC%2FLiw2yX8GUV7UAVq8EB0Cb8w8fMWAGTvGVHllzhhNRcobkDLdLicLBwpeWbTEImpC7BaRQXQ8In5qzYsg%2BDklBZaxrS3tNg%2BVh97hn%2FNbzoj8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7bec861a2bd901ed-CDG
x-backend-server: aa-reachservice-group-europe-west1-q5px
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
38ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bec8619ebc401ed-CDG
content-length: 24
content-type: text/plain
date: Fri, 28 Apr 2023 04:22:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad5Su07NVUsHOilm0n8iBJOuJzSLm1604EkCQa%2FzsKqAAX9Hl34fWfJd6FGMUBjCAiDEDTwqbc7dK7NfQXeesQGXRrIqp5y28WaTcx2QjBuAt%2FUW7GOgX5VjRhrJkTWhht3uQGI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q5px

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4D69 3 KB
3 KB 35ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73359a89880cb33bbbef3bcc7b74059e5869dca8522f3ddc62654731ac09a908

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bec8619fe1e3cb1-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H3 200 rs Show response
ad4m.at/ Frame 9026 1 KB
2 KB 39ms
38ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 593999310435b23dc1728e57584c8e81728f47275fa6440fdabfebb60a7ce058

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCYoZ7uCzKuIg8lhfVOG3Mt%2BvmBWMART6S0joMVyiYRuMY39UIfZwaHdQPTm2au%2Bu7X%2BBuJ5d15o10OSjTpJvOdmAJh%2BRhtj5O%2FgqHP5alUgIawbKWEYbSEzSf3FVzUGIGAzntM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7bec861a5bfc01ed-CDG
x-backend-server: aa-reachservice-group-europe-west1-q5px
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
32ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bec861a2bdc01ed-CDG
content-length: 24
content-type: text/plain
date: Fri, 28 Apr 2023 04:22:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUuBvxCZLmnTs5Ko6vgUOHBC1gJfpznfkdtNUHXGvQycjToU1jDJYM%2BW1hws6CyHpMXQi6HpUxy%2BkVGBoHEhA%2B3z4qYWlFdmInJI%2BTUuitD4haKpr8NBQhD3c3d2QR9andSAKSg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q5px

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 4D69 94 KB
12 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 235061
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGe3n%2FnXRk50ydwS5YtfLawcb9b3pCUegOl4WR05mn%2BmgwpGgWmf%2FQ%2BvuXb2yNywN2lP6VUzwAWbMzeXuyrgFQPzJCF%2BhDYmj1ytRgOw%2BXBtW%2Fi2NnZHoboA1S9FnN3BgF3wiZb6who%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bec861a3e3d3cb1-CDG
expires: Fri, 28 Apr 2023 05:22:23 GMT

GET
H2 200 56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
assets.ad4m.at/logo/ Frame 4D69 15 KB
16 KB 44ms
34ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198a13fd37b3d45a2a089dc1c04c1691eaf37c9983a08ea5ca01c44d89b01049

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1645162
cf-polished: degrade=85, origSize=25367, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15646
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:28:37 GMT
server: cloudflare
etag: "dfa1686790e6feac388f794e778aee4e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4JdlCfqM9nIzRiZfJs8rk0yBljaBRF%2FwpCkP7c5liUj8kVVy3pUwcCBPMqUuPgozkt%2BYedkaLhIDAeBfvNeTHWhPulQrepT2azolvaa%2FloCNMNwpaM2YK4md0oFhCTElKw4uPjI7RRGyszC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861a4c970263-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H2 200 D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
assets.ad4m.at/product_image/ Frame 4D69 44 KB
44 KB 33ms
27ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8900dfcb3fb3061252db53c35479af4ed2ac43949275adbdace2737b361674b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1638639
cf-polished: degrade=85, origSize=87656, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44946
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:38:48 GMT
server: cloudflare
etag: "1fa3c4594e12e50f0f5fe57e7d45863b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9wvTzXjfBP4OdaB1vFrwZwvKLenqwL%2B7zb5kYmKgR5yHND81hu8GCjAAnoizj4RVvh%2B4Yc3MVEa5UdDHS9uQetT2fUsrzZc%2FyiwvgH3whtQL0hI4%2FgrfDP77uZXM7NFkUe9LC2NEfZ1CHIj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861a4c980263-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame 4D69 43 B
2 KB 88ms
36ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P510DF956C8631D43&argsite=oneidXgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84oneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0090970993041992
Connection: keep-alive
X-TRK-PROC: 69113
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 6
Server: nginx
Last-Modified: Fri, 28 Apr 2023 04:22:23 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 48B6 9 KB
4 KB 35ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2ce0357eed412a3721372bc3152b8063a2dc50931a3b4cdad286981a09f762

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bec861a7e4e3cb1-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3EFC 9 KB
4 KB 36ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91547e920c3c43680b3924109babcf0bd3767aa224d7a85d12192d3b882e3402

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bec861a9e533cb1-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 48B6 94 KB
12 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 235061
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jmXIB9j7uWLmWt7We7kPqbKXipx76i%2B1i7mDP5%2FHvun663ZtsG3kIi9jhg1PTCS83RpuqPLxlKtKzo74oictA7zVLy782nosWFDsZhnlpDHTTVwyITkCVp2iOrHJCDQVT5d9ezRs18%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bec861ace633cb1-CDG
expires: Fri, 28 Apr 2023 05:22:23 GMT

GET
H3 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame 48B6 11 KB
11 KB 29ms
29ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661cf5bc8d00c66ff3e06bafa6e64e168bc2d2c218e5ed7247cdb1f22ab2bc61

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1872017
cf-polished: origSize=14458, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11091
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFgNVEJujOhogcnUTWWwjBbXvokUKR5fXr8TSAqOo5GNj7A%2FbVW%2BbYJVu%2FmhUVW7rcaSoPW%2F0OA5TeC4fGVKPYpgbmqHXsSpTkGjb8QXFbqW7Xw1aSKsBJcExRewcFAUPOZAJzLXcJbPMNHY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861ace643cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H3 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 48B6 66 KB
67 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64fac551f092b7a83154182486fb538cc9da2b3c3e229781af358a9707946e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130041
cf-polished: origFmt=png, origSize=142926
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ffoa6%2BpvJCt%2F%2BY0%2FF%2B4KIRoEuvcB1N%2F7R71d0yXpFfbXdxn1pgeLHChHGN63IB6m1OPVg0Y9ClSR2fuJI4dyT8iOSom3NXE52%2FeMpRJ9HR%2B1NPItRSWQM53aNgOGt42Ec8Zmy9gBntTT8Lx5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861ace653cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame 48B6 43 B
2 KB 106ms
39ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.011441946029663
Connection: keep-alive
X-TRK-PROC: 70235
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 1
Server: nginx
Last-Modified: Fri, 28 Apr 2023 04:22:23 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
assets.ad4m.at/logo/ Frame 48B6 15 KB
16 KB 62ms
61ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198a13fd37b3d45a2a089dc1c04c1691eaf37c9983a08ea5ca01c44d89b01049

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250799
cf-polished: degrade=85, origSize=25367, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15646
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:28:37 GMT
server: cloudflare
etag: "dfa1686790e6feac388f794e778aee4e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t7Bg3IqsnOGUQVQP0IQWp8QjGXgp1SQL%2BVRSId0YNh7x1iM9F5dxa2%2Ft08uItF50pIaDvaTHO59eCLuDLSKMrE90QRw0dlZ7cCjlxNuzN%2BfXQTRVPryhOcsbgpdLeqjzOzaAoDcvel%2Bxb2l"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861ace683cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H3 200 D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
assets.ad4m.at/product_image/ Frame 48B6 44 KB
45 KB 65ms
64ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8900dfcb3fb3061252db53c35479af4ed2ac43949275adbdace2737b361674b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1864171
cf-polished: degrade=85, origSize=87656, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44946
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:38:48 GMT
server: cloudflare
etag: "1fa3c4594e12e50f0f5fe57e7d45863b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2gvpDRJo40jUFBf5Fq%2BIzFF4pzoFM8Jiw9GyLLRW9XO304GefxP75hXm5XXMUOuxK92CA71bQ5%2FP1PT06eG2lu0grVg4DbkiDx1FYWx6pTMDQ66%2FsP22HPOy8OE72Ue5DNIVIrcnTOZzSTf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861ace693cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame 48B6 43 B
2 KB 44ms
38ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P510DF956C8631D43&argsite=oneidX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0099449157714844
Connection: keep-alive
X-TRK-PROC: 69113
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 6
Server: nginx
Last-Modified: Fri, 28 Apr 2023 04:22:23 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 8E6112E24CA72CECF391231BFB8CBE06C5595D2145E07986C0615093B1948C8152DB90DEF32D37BB457C10E953AC1F45588FDDD710A0C889448C05BBE2B71014
assets.ad4m.at/logo/ Frame 48B6 9 KB
10 KB 82ms
81ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/8E6112E24CA72CECF391231BFB8CBE06C5595D2145E07986C0615093B1948C8152DB90DEF32D37BB457C10E953AC1F45588FDDD710A0C889448C05BBE2B71014
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3e9f8d954bbc4ccaaaba37ec087200fc27613396bef7935fa0057a5b125d8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34732
cf-polished: qual=85, origFmt=jpeg, origSize=25686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9246
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Feb 2023 14:39:55 GMT
server: cloudflare
etag: "fbfe879b30f0a3016143c62a03cc7950"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J62wphySjTk6UAiYPzpmrjnCBQauttGFY3yWpIVadDZ6WUi31W6d8w34KA71rFuALUFUq6lSmepS9%2FDgN4DTE10xLdzpHmxK1BiVb438D1lRvXimNE4t7mKT1yTUoquTOy3Pt%2F2HItaWY8sB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861ace6a3cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H3 200 C0623A880E9DE99DCED5DFEA7C126B0D438A62D5526E0A539A5E06A470223213EEA75F6815823799B21D97E82BEEFD9E9ECDD76A1A443D1E9AB398D084283187
assets.ad4m.at/product_image/ Frame 48B6 20 KB
21 KB 30ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C0623A880E9DE99DCED5DFEA7C126B0D438A62D5526E0A539A5E06A470223213EEA75F6815823799B21D97E82BEEFD9E9ECDD76A1A443D1E9AB398D084283187
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d70ce3634a802c55840a92bd6521cc811972195b5374f45b2e3a4f4efc138e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31508
cf-polished: qual=85, origFmt=jpeg, origSize=52383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20812
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Feb 2023 14:42:27 GMT
server: cloudflare
etag: "464e2b4d29297d5a40e7eb7599c424eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2BBhJLw%2FXb2hHs%2FrQ9gRU66oqfF5KjhYnG69bTPSc8W%2BhAQ%2BAfqSAd%2FxKWGVZmBZRvUxYsn5EyZlB7Tu1YuKh5KNBZPlSMqJxTFsfxEWHiiKyKFAnbSwd%2BkwAqrSv7RtX4zNblhprTVn4D0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861ace6c3cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame 48B6 43 B
2 KB 73ms
36ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P51100556C8631B19&argsite=oneidR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0082249641418457
Connection: keep-alive
X-TRK-PROC: 69637
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 4
Server: nginx
Last-Modified: Fri, 28 Apr 2023 04:22:23 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 3EFC 94 KB
12 KB 81ms
80ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 235061
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByquUQPhKQtxF2FZwZFFQSViilx51hRVV8T6TzEnvmvjuMONHQITdpIwZoOtwueRP5ljFdMrD3zGzcmMtxrp0p%2BP5K0xKRF3Z%2BZ1BrSLJ1CB79azjcdCJ7FfK2hTep1DcRRfb4XDGFM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bec861aee773cb1-CDG
expires: Fri, 28 Apr 2023 05:22:23 GMT

GET
H3 200 CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame 3EFC 7 KB
8 KB 81ms
81ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135255
cf-polished: origFmt=png, origSize=21356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7240
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 10:25:08 GMT
server: cloudflare
etag: "259405af3fc71c071b3fbf0cd0e617cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGZ5wBnERSKO2eNytkvJxLwsgy732gRD3WwHqixQ180uAVDjygGwf1z76nbVO6IzPXE1YOXC8ntFcJuiGlw74OkSHO2qbN14bAExj1pLpH1vz3qucqRlZv3mKWgRipuDrFFlcCTPPACWCujc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861aee793cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H3 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame 3EFC 36 KB
37 KB 81ms
80ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135255
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUVLTwkVDSu3e%2B4NxDUFqAHhubXOKVOGXnejxnj6DKUcUdwN47AweXvch%2Fqs2QiZNxokegNPpxA8qSQbMH8GoQrWuAIKPT1ThSO2tgfvJvEvXahoAx8hQyhsWCj%2FdlXrZRbeZupM6c4EO4no"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861aee7b3cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3EFC 43 B
702 B 125ms
64ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 5427CB6C2A5B68DDC05D0968FF850A2B2AC0DCA0FE4D486D3EE0ADE9F335CDEE94CA4E2E42E7A7E17EB95C39E7563EF29468307FC2D695ABEDC08750EC312A92
assets.ad4m.at/logo/ Frame 3EFC 8 KB
8 KB 96ms
95ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5427CB6C2A5B68DDC05D0968FF850A2B2AC0DCA0FE4D486D3EE0ADE9F335CDEE94CA4E2E42E7A7E17EB95C39E7563EF29468307FC2D695ABEDC08750EC312A92
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749bfd55e1f89872d1a460a13c0435ba12bf979fb3203130fd0b17b170c17884

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 962480
cf-polished: qual=85, origFmt=jpeg, origSize=21122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7714
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Mar 2023 10:21:39 GMT
server: cloudflare
etag: "253c8aab37bcae293f4a68cc1a4617e1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vANtLpT0yXdpqj%2FWKsKLyVzuwBWKG6kBPxLt2ByaG70Oa5jln8bnA3zu3A9JaNO4Xo1kJsSHgiIV4Kj7pQ4Q2WFaj6icdd0LCa8VOeXmqHrFpsfiG5SerKE0Mho%2BpF0%2Fif7CpnV1uMW3mhgx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861aee7d3cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H3 200 A33529148929320A7C5D7857C19E98EEF847B9AA7DD3CD752B52737C3942820F093BEEF9B1DE45A0EFCBA029F63891F495BB768855486607C1ECC47832742DD1
assets.ad4m.at/ Frame 3EFC 17 KB
17 KB 98ms
97ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/A33529148929320A7C5D7857C19E98EEF847B9AA7DD3CD752B52737C3942820F093BEEF9B1DE45A0EFCBA029F63891F495BB768855486607C1ECC47832742DD1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c887903723ff9048aa1ce27e979b08e7777805e80c61736e479d06cf8535289f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605392
cf-polished: qual=85, origFmt=jpeg, origSize=40506
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16896
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Mar 2023 10:25:33 GMT
server: cloudflare
etag: "3131d02a5e43d40b9cc755bbea4b8489"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BJ%2F9I9Kb2UckWX8EwHUn%2FYxpoKR1%2FpHaDWvUvglt4Jm04pog0AkOOsugSiHxNU3J3tXXRQgPo2ULshOkIRhNCrq6op559uQoS0Nc8k9KrxyQKqzt1jaS9rOJ8LKO2gkN%2FC7r8EdyVl2fuvv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861aee7e3cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3EFC 43 B
702 B 117ms
56ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3307996&v=19280&q=454926&r=412871&pv=1&pref3=oneidR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 1DAAAE2568951C06FB7158EAAD1019B74F83EF8D31820C64F1BA3CA991B3A16138205A5035468B4D4355E4EA0A1BBBC704F51895711B7477AC9C4CE0D4C1B40B
assets.ad4m.at/logo/ Frame 3EFC 10 KB
10 KB 112ms
111ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/1DAAAE2568951C06FB7158EAAD1019B74F83EF8D31820C64F1BA3CA991B3A16138205A5035468B4D4355E4EA0A1BBBC704F51895711B7477AC9C4CE0D4C1B40B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fe930e82faaf6889e91c7e43552a136bf54a779abd70f2a2680192e825c3e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1757451
cf-polished: degrade=85, origSize=16651, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10019
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 09:46:04 GMT
server: cloudflare
etag: "552003bd6d7965e9a8fc8b2699c69ca2"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=658beeUL0n9fDKrjhRZzkE1f7E4S0jyYUGuqHzhgJu0FHc60f45Inw6QpGj28zMEuz7E%2FFHFpFI1dyD7rPXr3aEIaONobQbAgLMvuJuxHUl6E5bNR3DMIOUDuokjqfIS4CoWJPOvwkMVxWZY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861aee7f3cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H3 200 564343C9E6F80D427F2338A851F222F82EFC507190CC7F6801EDC7BD3DC9948F4AB86D3BE6BD2A1F97B83765D3E974C1795BCC42A384573E751E896DE9342537
assets.ad4m.at/product_image/ Frame 3EFC 36 KB
37 KB 113ms
112ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/564343C9E6F80D427F2338A851F222F82EFC507190CC7F6801EDC7BD3DC9948F4AB86D3BE6BD2A1F97B83765D3E974C1795BCC42A384573E751E896DE9342537
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b5d151a553af830624fb750b99c4b55c10c6175766c29fcdcec7c245b1f0f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1870330
cf-polished: degrade=85, origSize=59624, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37270
cf-bgj: imgq:85,h2pri
last-modified: Tue, 06 Dec 2022 09:19:57 GMT
server: cloudflare
etag: "916f64f463543564e0074e2cc917a8f5"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Qr9TjhGGYv%2FQXpMbkmgJZA3Ji50Uilsani0RPPiqxbNV%2F%2FDoBEn2DeU1%2FZFI3hpQ%2FoGBPb%2FUGOvTBbMoUD0cTBMbw9JIyPY5QY6zV%2BVMDIBjIKTfNgcvHQR3471IuA4ookhN8C9hyKS2p03"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bec861aee803cb1-CDG
expires: Sat, 29 Apr 2023 04:22:23 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3EFC 43 B
702 B 123ms
63ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3078744&v=13463&q=338696&r=412871&pv=1&pref3=oneidbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 04:22:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92E2 42 B
174 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYafZXmiJhpTQJJXRLViydS2phPJDutUG_a40JbaZuSwCXp0NxlHgyZ6LhArEepGZ_KTpPtQapDMsVQivtHC7I94Mpf3a05USx7hiWUc3-SfSLSjxTtbW_8dtCdjvuGfVCibRIFQ&sai=AMfl-YSDIV49nPFi7wCrPiin1C6kRHLtJn2Dh1k2b-q0KRNa9_Csgiecy_K27Zas3L46Hyrt2Yk8G_gh2CyG&sig=Cg0ArKJSzOaxb2IVVjGHEAE&cid=CAQSGwBygQiDUv_5ecdW1azBLeReQl0M5zIWA-U0KBgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=218,813,1001,1001,1001&tos=218,595,188,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682655741802&rpt=487&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 41ms
41ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230424&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94e10e9b89d1b017cd7ecb0d8c2c028aeab3056dc1c4ff58e813973ecd9c05d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11278
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 381ms
380ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 04:22:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C07 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM783s8IU8mw8-nb3Wm0XU9Z4vi_XlnaKGSkxujdqy37RsJulAi9wplIELnkAfALypbTWgqW1JUVrvwSOwwHoRF5hdfp8EGIbFZHRLNSfCZKeJVGLg66dcKdhpl9ci7RTBNHz5Rg&sai=AMfl-YSd2V2yHJVpFxrqmg7A-RetwEN8z9c3AJH8dxGMxkThcChL4szMyZLoyy2iQgYYtxiWdT1lkLKDSKfj&sig=Cg0ArKJSzBnp3KVGl_hnEAE&cid=CAQSGwBygQiDRjC1GaNPH0C4Gz_R9LtOK_iLsLgzQxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=997297033&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682655740663&rpt=1728&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 04:22:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CA1 13 KB
5 KB 25ms
25ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 46197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 15:32:26 GMT
expires: Fri, 26 Apr 2024 15:32:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 090D 783 B
536 B 35ms
35ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6355734405a13a80609e361efc2587a3672da089cd7d8af35bd49c2bce81398c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zXeQ4-PmL6_6aGfd_7VAUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngoma.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-zXeQ4-PmL6_6aGfd_7VAUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 04:22:23 GMT
expires: Fri, 28 Apr 2023 04:22:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CA1 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:27:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 090D 0
0 59ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230424&jk=8829951956623&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CA1 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_I2V6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:22:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230424&jk=8829951956623&bg=!xcalxpLNAAYfNdXmPzU7ADkAdvg8WtjZ1KH4SY-wSQ5q9tpki9fdOvw24hk0s8bKqey1PxJF34SY7tTBe4TDApR_Rnm0vi66iV8CAAAAT1IAAAADaAEHCgCfVo0YNlckO8QTxU8pfu8jK_kQ3COhK8NUSM2PUsZj0EfrKnLwensnq29IZbkEQXSciO0DjFVbIxCdgdj2oUazhdrnPwHS1fISjsnegBo_HyzS6iNeeIfdR2EzMyQbXcmKm3g3KaC3V9FLVaQkyFn5PEq-EFG--G7sBVsrxOj2COcwwyy5O0eyivCECEX6cDTT_ruC69FWluLn6-JRvT31mQLW3KB_suqAtJ_Z0RBxE37nuzzrU-ydE3JfZbcF1LPoQK8gcqgBUheDAVGQ90mDRpAWPb1jkS-DieQtS8TtJnMGtUbDvdXSPB8jh-L6yGmH5NnIttaT6ThXRu86lqiQWR2eXqs49DKSr7VAO_77XxvTBIi63193IhV0TcGm1pekg5f5hkdWEvoNCVRU9sAVGRDHjWsEBJ8tC8A17nL4j5sv61FiZZ5sGrzZzhrtI9c4L3wyhnWkHx6LAQJbiIX6QZnI9pajBL5wXJaA1hu0kbL70KRb2r5xphel2scs9uf9rTBs9lx0cOZbgLwRWqwQ5PQxxP7y6GwAEZL8HNlkvFqq5IoF6VIMCeXbHElpdMA07USEA1DwPFKhH7lDvY0YDM4-DYV9imMQFg8NvFa0DvGz9ZsJV_Vuas_bttmT4H92-LocE-I2lNYDLA5HJinIWmUgeNPNotd3IKrGvt7MYvqDNiFr9y_ttxT7ok92lDTSPpJEzKsX_o6efyJBTAfrnjIcfsy17xsuoG_2QaXtrbn_9TNVy3QH2T64CY6YyLPwSqUbaJ0bXgDfCB-c4uzgSs77wWI5wAEBjlVDFmSctWU2qXlAg5Y82Z-l-AqH3u3JfDXAGlwagH1Y9kS15JPVbsNiUu8DRgL5RYRKKjUaHFdpck-vLYn6vgq6-n4Dc_xS4Jzi5o_Rt9oe7rddXFXEkR7fliAhjfxed-WcPsFhKuvlnvRLOuvZA0W6K1qFqrhAvB0PaEtsKB7t-kg9Zz0J2UdN7W5v7wBkpDY2eDao06eqosz3ecUHItFDnosMDb7kF0F72zuzdi1BNXpX_2rj2D9KwZtPOeSA8ZA-Ri7K9GjuJBqkx3fSMvy0d8Cy67nBPZOu0SOX_WIz0mTsnWaqNeK8M_-Fa7949Gmn18uuex569J0IOa-SHu7EwhSXpnJE9yWvdMHTHO-CxPCpRb-wpNAINTDBFngM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngoma.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngoma.co.ke/	1970-01-20 21:00:15	Name: _ga_9FXE22BY1W Value: GS1.1.1682655740.1.0.1682655740.0.0.0
.ngoma.co.ke/	1970-01-20 21:00:15	Name: _ga_LDTK57QJ5B Value: GS1.1.1682655740.1.0.1682655740.0.0.0
.ngoma.co.ke/	1970-01-20 21:00:15	Name: _ga Value: GA1.3.1215495359.1682655741
.ngoma.co.ke/	1970-01-20 11:25:42	Name: _gid Value: GA1.3.1412794711.1682655741
.ngoma.co.ke/	1970-01-20 11:24:15	Name: _gat_gtag_UA_251680385_1 Value: 1
.ngoma.co.ke/	1970-01-20 20:45:51	Name: __gads Value: ID=f2d46111199030e8-22e88fbb6edf0096:T=1682655740:RT=1682655740:S=ALNI_Mbv1SbBs54iLEErn5KrV6J_JY5FCg
.ngoma.co.ke/	1970-01-20 20:45:51	Name: __gpi Value: UID=00000be629e805da:T=1682655740:RT=1682655740:S=ALNI_MbJu90V3q3VfxAJJ0ffaDF5U8cK-A
.travelaudience.com/	1970-01-20 20:54:30	Name: _tracker Value: %7B%22UUID%22%3A%227FDA638F-FD47-42E7-9D2D-F812BFB7E6A6%22%7D
.doubleclick.net/	1970-01-20 20:45:51	Name: IDE Value: AHWqTUmhtQBAuf-z7-lsFzNFB0TVuISddfSbomvNWpTk24dQrjP1pTYFmnSoasKTj7k
.bidswitch.net/	1970-01-20 20:09:51	Name: tuuid Value: ea30b1b1-1368-4d5f-a8cd-b726cbc4604f
.bidswitch.net/	1970-01-20 20:09:51	Name: c Value: 1682655742
.bidswitch.net/	1970-01-20 20:09:51	Name: tuuid_lu Value: 1682655742
.turn.com/	1970-01-20 15:43:27	Name: uid Value: 2623529075556375781
.yahoo.com/	1970-01-20 20:10:13	Name: A3 Value: d=AQABBP5JS2QCEBS7hzezhiXgjMtie0NQRJ0FEgEBAQGbTGRVZAAAAAAA_eMAAA&S=AQAAAg95uuhrHXCMmbV8oN-O8L4
.blismedia.com/	1970-01-20 20:09:55	Name: b Value: 644B49FEFA4C5A2B1CF4F3B6BLIS
.adform.net/	1970-01-20 12:07:27	Name: C Value: 1
.adform.net/	1970-01-20 12:50:39	Name: uid Value: 1209270779195707797
.ctnsnet.com/	1970-01-20 20:09:51	Name: gid_CAESED0A6mlHxSkC6prEybvK7IM Value: 1
.ctnsnet.com/	1970-01-20 20:09:51	Name: cid_e8604256de094d54b7039e2891b689eb Value: 1
.adfarm1.adition.com/	1970-01-20 13:33:51	Name: UserID1 Value: 7226951386612103309
.w55c.net/	1970-01-20 20:54:30	Name: wfivefivec Value: AJ2RW8HO1PSfCL5
.pubmatic.com/	1970-01-20 11:25:42	Name: KTPCACOOKIE Value: YES
.creative-serving.com/	1970-01-20 20:45:51	Name: tuuid Value: 912eea59-32a2-4742-a668-259ffbe0ae5b
.creative-serving.com/	1970-01-20 20:45:51	Name: c Value: 1682655743
.creative-serving.com/	1970-01-20 20:45:51	Name: tuuid_lu Value: 1682655743
.w55c.net/	1970-01-20 12:07:27	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 20:09:51	Name: KADUSERCOOKIE Value: 9F714574-0A22-4AFB-B725-4155AABB775F
.tribalfusion.com/	1970-01-20 13:33:51	Name: ANON_ID Value: a2nu7qP3rT7CiAyPrSjnxs7FyKy0V76gindadEiHLI9Xvs5qXFbFLMPplt1KaWo0vBR35cbpZbNXcEb65LXiRZahT3qyStaHN5BOal6HCg
.metaffiliation.com/	1970-01-20 12:50:39	Name: neta_ssc Value: 838cf45lu47zhfjahu2zvtph1zbd
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 838cf45lu47zhfjahu2zvtph1zbd
.metaffiliation.com/	1970-01-20 12:50:39	Name: kwknc_ssc Value: dp51100556c8631b19-b25laWRSNFdUZ2YxWGZrOFAydWtId0gzdFF0d0d6d3N3VHpUbXFxSDdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNjFfVGVjaA%3D%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51100556c8631b19-b25laWRSNFdUZ2YxWGZrOFAydWtId0gzdFF0d0d6d3N3VHpUbXFxSDdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNjFfVGVjaA%3D%3D
.aircaraibes.com/	1970-01-20 12:50:39	Name: neta_ssc Value: 2cf2f45lu480hofkn0x6k5kcipfs
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 2cf2f45lu480hofkn0x6k5kcipfs
.aircaraibes.com/	1970-01-20 12:50:39	Name: kwknc_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.awin1.com/	1970-01-20 11:27:08	Name: awpv19280 Value: 412871\|1682655743\|4612b550-e57c-11ed-bcf6-22336c0ce064
.awin1.com/	1970-01-20 11:27:08	Name: awpv13463 Value: 412871\|1682655743\|461378a0-e57c-11ed-bcf6-22336c0ce064
.awin1.com/	1970-01-20 11:27:08	Name: awpv25911 Value: 412871\|1682655743\|4613c6c1-e57c-11ed-afd4-223664211a24
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 423187:2993007

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kcz1vzhctnn0s3bvm5j1vpd6rfdvmsby67j9m7585h5a1x9zyynx97gb8tan8npj65rh9rrw5vfnwqehfyrddssq8f2ebk5v8n6w6ms1kp95zb2dqtgeyktyan2pfpy81fvktasp1ctvgad3458rnz7wr2a1mq1m0fp6bq0sgh44ax39g2arg6mpx1nj5mevfvmaes4j4yc2q7kr545rd3mfxtbgemn8pz7jcqeeqbpvppw4j3vh7pj53f6k3x0yxp1ahrd3nr34w49wgr9xfe4mh93v91wabww2gm8je0gksh8pa355qv8m35726gvrz5a1c59hv0vp4gr0hjn1t80zss8ev9teh4akpaxxk989z4gw4rzhdtw5ntgntevr2tgb929asm3e3b1ymhkyavenbk8rhx5stqhh83y971ynhmjma5tzqhk098xhda18kr7y30tfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%26client%3Dca-pub-9712968225926319%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jwknk2feb8m6mc6e6mq7rxv6836tb8kdgam4yzmbng31n103qdpzzhh69jsd1v04ky7mtd858aatyfkncqfg5nn0ww2kfmxwv7bsds7xd76p3gxwa2wjchnq0p4ycb600bft1y7v5093v3ha494kk0z5hnr3mt0z6edgkx2f7jrp1g58p8z1ma5y988kmhsbxkczz5jyvrj2v44a8qkzy0fchdt1p2d13d5a4ca014rxewb08pajwb854fj47pwy8rvkgk4kn827xyxsxsy5694p4f8k09k0tep3xaear8x6fannvs0ghazkafbqc89y2e9vzjtxw0xgy0d2571zt6e4qrx65h675b8fk5nkd738437ht4my7zsn13cdftawy283yshwx2h143n9bbncd494pk2kqk9m9c7mawk1fjzypwxjwfpchwz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%26client%3Dca-pub-9712968225926319%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1k3vrhnhtcm2jtmbjmch9rcbgpazexq9x9xr8dhkn36azdt165q8mckk6de3sn3w7vdmwfy80xt2gtveheg3fb7tfge48fcch39rf88a1xn6j5yape9ktdpnbytz3ds9h0wwvz00k5y6ehp7890k5d13tx5ybaqv3k49tmt1dfjd1amza2ydkcmbqjkwx6y8e0ahbfe2pmsvscbp86hafvypfqa162kvet06eje2sdaca2d7zzys2mtw8vf8h8wbp61wjsy66rmpzswmnv2jqxhqtf54zkczzs7rxz0853wfjrx6sxpc1b745bxhm42je4zd7k63mn43vjp885facbmw7axrwe4tsfm1fxesfjcf021jksnvxwbv3jt7t3785r2r0vtgcnetzrshc84r5mfynxz04w8w7h0y7wapzq1xgc445x3dfk96&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%26client%3Dca-pub-9712968225926319%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=331863&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw&c=320&d=50&e=&g=6d6ffa7bcc895ebea0a9b7250069d469%2F12630415836336569672&i=27718&j=15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1682655743004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzv7bjkbd2k3m3nw12m9v1dn69dpwwsas26qz6azy6xcqkfc1b3x5f77kp40v31xtexkrg5c6sth0hgy3a8fyq5bpm5sbfj4wgkj5g4g356pkpa2q1k2pvwgd80mzwqm7tv70cksahwjq2xbmtyc2z7zymh1tmhx8svt5ssh0wbwgv344n5br8dnyr6ty7xsn32mfy7ayvrtc5exn0gt553cr4srpsy7sas70zrn18q5jm9cjybhr6tacc2dqxranjbh7c6eykwj9dvt2ymkvz6gm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6f3u_UlLZNrvLIWP7_UPtaep8Avi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS0AU_Q4R4058FZBRSwoInaOTTyXQcH-HyFFoHJhB8SKOALv7kcMhOo77r2NMMIgDEgCSopFaLkRr_xLdNcTBbvGiIroE_Bq7MW7nuvs1cyLdDI5hJfgiEiaVVGjAt1UF4v8RagDZW3Kk6nIVFrz0x147_omsDcy6OwRDPURsD3K9FScFcDL7cQXQdsX6wqZU3O-hbZKmQTvxPKr9VzIwIS0EhLjKLA0IVIqnJFZb_CCdVXP7aCzoAGi-j66cGpgLj3AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1c9ZGJVeykVeeBkoKJvt80UibgEQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=119648%2C331863%2C337344&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CX9MHzfGeTxMJqc6H4HetqtY8XUBTkTXKKFJ%2CR4WTgf1Xfk8P2ukHwH3tQtwGzwswTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Ce26U3fKZsJKPxSjHZHet2CZ8PTjTQTx88t1%2CQPwc4fb6CpQ9XhxH5HYt9Cb23bHDT4T5qqaV&c=300&d=250&e=&g=1ac900d18218b0bc91614839092770a2%2F6054773707199071952&i=30425%2C27718%2C74253&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmsf4g07cdfft11rcbdf1bg998ch8anwfs4sr2614bkbg71zhb7vsyghzqhx6zn2qee53dncrfcvcdk8a9kd9r3ajrj9ka2fvf89e6p30xsc90atwbez5yws61xhxn19r6p7gavkv0hbfj4y5pwvdnhbbfa6nae2ryjswrc6ey76yacmw52acn5kmmx762d8fwnvwa6xh5vbna2dhgf0mmkz1sye8b966qrq1knjwe4wyaecp6wrkz99zwqb4f40890gc1sfjtza46znqng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwK29_UlLZLyVKqSh7_UPprGluAbi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAud0FNX2e7I-qAMBqgS9AU_QO7KmEoPg_RQJHdV56WuLEoGf_h0D6DbHqsbdf_fjdi57b4pTiKyfMkZi6nxDyWHB2DdUXypG_sp0nrAIZCDnXGhJ6liaRzs6XKpiD6eFphu6MOHv-KUu29-rImNhkmTd5EoQ2ofriFqoIWE5PjYKKzkS2BzfD0excC3Ed1ff4VR2jrV6-rhM4zxMsnNtfR8F-ix4d5xD5lAeAygpeTQFqSCow1LZralCUcAwZYvvkKK8sNE7Z0acxbIDQ4AGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15t4Y6S8yXoN8tncqR9Wf6BKj6IQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=311476%2C345677%2C324053&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CR4WTgf1XfkmQ4SkHwH3tQtZErwSwTzTmqqH7%2CbWgtQfAecq1mYfYHbHztKtEDwBfxTJT5WWaJ&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CQPwc4fb6Cpk8gFxH5HYt9C7PYbUDT4T5qqaV%2C39zHpfA7cVdj3T7HrHAtXCMr9GF8TWTA11Cd&c=300&d=250&e=&g=bab37016dc0cfa34fe9c6bf3e8f229fb%2F5864692739148579687&i=108136%2C114077%2C111727&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1682655743110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2rfzeeyct9ce6wjq6fye0vkg5b1kwpdfb0s97jbq3kezd12qwzdnv9f3d1b7q364jkcvgf78r1w6770e8vd6rtvwkj7t8v72dg0h3d8bps7fz16m7kqf7krvzw9ymkv2de20znn3e57z6k61xk3cc198qcyh3tp4fctw3gc0rnhn6atdw370cy9b7x81r90vtgxva80vxz3ebmc6yvakkn7wh9wgknagg88j5z189hvbspazgbs16sngcrsqjkjjrwbqhnwv3yy1dh76xg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHv9B_UlLZP3MK5Oi9u8P9bGRwA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3MTI5NjgyMjU5MjYzMTnIAQmpAt9c2iQYf7I-qAMBqgS9AU_QtfI7mnr_zH1sQkfPSnXwOY5s2_XqJOq6Adrc-2vqqdOiwpUBHBZkXuTT2BRv9cRqznENmeIsaIphx_VQJMrZbpdPnZWd2bwFOQ9CVkXJiyKeATzlCwI2SbHw8Ty9_N1auZZpJkInpgdLAg82-NNe-0aqTlsMyvVBxZlm1AUBezo7ckXgcy8TIIdwRPcYirv-gagFNuyGDgcmzosjNqtzcxRXHFzRn5uxqEfUwsqmNkreFkoV-66_acYiSoAGjKzM0ef0xY7wAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_13oy_u-TCxRp9tZA-5wZmaGT5lfQ%2526client%253Dca-pub-9712968225926319%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9712968225926319&fa=3&ifi=7&uci=a!7&btvi=4&xpc=SbZdr9fo7G&p=https%3A//ngoma.co.ke Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9712968225926319&fa=4&ifi=8&uci=a!8&btvi=5&xpc=Ey6nfvZTls&p=https%3A//ngoma.co.ke Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-9712968225926319&fa=1&ifi=9&uci=a!9&btvi=6&xpc=7P1lSAinAU&p=https%3A//ngoma.co.ke Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
action.metaffiliation.com
ad.turn.com
ad4m.at
ads.creative-serving.com
ads.travelaudience.com
adservice.google.com
adservice.google.fr
as.ad4m.at
assets.ad4m.at
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
image6.pubmatic.com
jpp.aircaraibes.com
match.adsrvr.org
ngoma.co.ke
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
static-de.ad4mat.net
tpc.googlesyndication.com
tr.blismedia.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.186.66
185.64.189.115
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.180
23.56.205.163
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2a00:1450:4001:800::2003
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a05:d018:d29:3602:5c69:ba98:7fb3:79a9
3.122.221.15
34.96.105.8
35.158.72.189
35.186.193.173
35.190.0.66
35.227.252.103
35.71.131.137
37.157.6.254
46.105.33.210
52.59.9.55
85.114.159.93
95.131.136.1
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c
02be05f1ed90a4f488e5134d433b0ce24ea2071aa2aaa91ce9f95f7ecfd8f000
03f1435a0b78bd52da2cde2ae513469d8fa46b38fe2a63d70c373fe36fcd0447
065ea6001c304e1a363e89288d92059af6fb61a58f231791648c92cdf2179438
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
08f69df537066aa235270e9ab7c8cd6874853552a3e5b84d3a68a624d16140d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
115a1528a5457078a1aa205b30c12ea2872c6efd70ae9dd02716b957593e8a17
120f7f262e0539301d1f1adf6e0d9ebaa1497e70e54e54a62c020a076f5fc511
12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
198a13fd37b3d45a2a089dc1c04c1691eaf37c9983a08ea5ca01c44d89b01049
1fea08fd1c966b464cc510c0740a4f807a24714f3852496af66393edb8adc340
20dd8b774fe5994d134f9a617de30a77e3fa18a6fe9ef5e41fd1f41953c3e233
2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab
2292438f64c3764333d7658651a9c9b61ad76a46cd53b21cbe868c2e757dc4b1
2687bf44587f409fe71cfa360c75fd73aa1b695f94db8cdd6d969d46915886ef
27aaeb4b5b32d0f0f6e4046aea8e577c75a9e50cbf7489d925c0da05c5f2db29
27ac1c4688a85355dbc4a4d40e1dc1e65b70683bce1292e752fa630efcb6b98b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b969d2aece9ae2797a135b9f6f61f18704bfb14885ded3f35dbcd4cdd2fbafc
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2df6ef6434233c0f2416425f974602418af670f75d4b94a68cbea707855afc35
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318d67c3bfc2387f50aa4f39136ade5181fe678fefb4a57217880fc6682571d4
3cf7ea91dd92a1f2dee6bdf6a66f51cf055a0480fd870c7f45d1954742338bd3
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
40362b7a62944990f54f14837a7b636cca1bd8b6ff8aa9e0efda6e708b7c943c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
503458613463f4fbc61dacb08e693173096e8a5d9c57954a497a7218e8d631f5
52020220e5df1dafe49faafcc030b85af20b98d99d4e2fb41ab5ea3f8f02fa8a
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
540e4d1782aea501878f552b1f3aa7b005f2ec6b9af920c957618511104bec8a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558e462cee78d9002c7acc3e47932baebf66d884d5b91d8949574dd61e2bc05e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a2873ea568a6f1a0e47536317f645002a9a78464b3445b26e2bb37c77b59f3
593999310435b23dc1728e57584c8e81728f47275fa6440fdabfebb60a7ce058
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
5bc4607606dabcb7e671131fdfe54944636f41f2c78d6f980b8c7fb86913474b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d70ce3634a802c55840a92bd6521cc811972195b5374f45b2e3a4f4efc138e5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c1612476b840606292b01aee0e2d5948558a6f98260d3baa3adcd1b65ebc0d
6355734405a13a80609e361efc2587a3672da089cd7d8af35bd49c2bce81398c
648791b3c60db34bc563694f41c97c1c5b1600be4a7366d9a3bcef12f02d15b8
661cf5bc8d00c66ff3e06bafa6e64e168bc2d2c218e5ed7247cdb1f22ab2bc61
67b0b164828b91b7c74bb66bbcf95543be12e9ba4b76e7dcbfd180c248c0ad61
6892f6c01bea8e4ab7654ef01c395cad28cb3dd9cc705caceaa15a9461ba67ed
69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2ce0357eed412a3721372bc3152b8063a2dc50931a3b4cdad286981a09f762
726b5d151a553af830624fb750b99c4b55c10c6175766c29fcdcec7c245b1f0f
73359a89880cb33bbbef3bcc7b74059e5869dca8522f3ddc62654731ac09a908
749bfd55e1f89872d1a460a13c0435ba12bf979fb3203130fd0b17b170c17884
75da6db2b94f44fcad69e9579b7bd59b2c6f27810cc887c0f6f53b2d9c6fca78
776adaa9056bb192f6185030ea0fdd4b7bb451aa99b8d037bd02c5d7495cb554
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8377dd6ba2fb62a9b9032b9cb56952afa5aad3b2c62c26f86ec8db00c2357219
85c620426916fb8a3ca285a0d1e8aaaaf09f9ea3a9edc0f838e2778d622cf226
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3e9f8d954bbc4ccaaaba37ec087200fc27613396bef7935fa0057a5b125d8a
91547e920c3c43680b3924109babcf0bd3767aa224d7a85d12192d3b882e3402
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
92b69f5f41a7e3ae8b991be8080b52f05504a9151ad20fad4b8b2ee111fe7d56
94e10e9b89d1b017cd7ecb0d8c2c028aeab3056dc1c4ff58e813973ecd9c05d3
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c521a663b174e59fe5ad6bae9e607e3d128322714482d370277faf6eee40db5
9d3338fd36041126effc1be8e49a41c2f19d33d0d058e5bab372e704a3da7f20
9fe4b186de87b21d9f395c8f5a129ebdf0e1ba24a24e224f4f1b07c2332eb681
a08b041c4e367f9aef48aa1749c38bd8bb71bfe2f72ec9cda80af222458b920b
a2fe930e82faaf6889e91c7e43552a136bf54a779abd70f2a2680192e825c3e4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa1eaf220371512ea6b05e40a3c517022b212b504d06c88492746cef2a637e5d
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b46d801466db2b18945cfa2fb2d8d0166b4861856b9fd1caf7719edaceef9084
ba121a02b7da81d7bd27266dfab2fa64cd0769db999fa30237827e2f98066e4e
bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b
be8c79d0d5004f26f6fdda9fc9026e26a7e49e09ca7652a7287e2572d79b94be
bee4c6686b0ac3fa61d8ad08cad9044a2e20140cfe277bba25aad2790d0bb5b1
c887903723ff9048aa1ce27e979b08e7777805e80c61736e479d06cf8535289f
c95e55f0766c356809f03ca906db019b1606dc37e750cf0018eebc00d807a1bd
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d11884f5dca9c8f6f5056dad9f6d6584ca65569be1296c96b698c78291f21442
d8a8c224869fa7beda4bcc56e399d60c3b5832b184cab65fc1f223e6d0c7ca15
dbd6f2b71b78e7699997de0a2c47c560a2970da6257dbddcc2d6ad3f261ef792
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e308abd7113c09c91bcd7e8c2fb13a5a443d12bbcc3ee72a5b21ba9a52e0d0ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b
e44b329cdec691a25384c265efed3fcadb0e52b8fbbd011490893a19510a574c
e4fd8a314c1985530f18db83d1bae47fbe8b3c25a77553bcc07980443e879476
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e786cd2261813a4184e482c22e3b4272ea8009ae3315876cef6fcc7d6ea0a244
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2620c09f710c02ffd17d17ff4b8ebb70238ac156da1906ad4de1ee6f3db411e
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f56556b38b21cc8c0ccda10e7b4d3bae1ed9f2b2fd72df0818c647d9786e072c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64fac551f092b7a83154182486fb538cc9da2b3c3e229781af358a9707946e9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8900dfcb3fb3061252db53c35479af4ed2ac43949275adbdace2737b361674b
fe62676c036f75971a866607f18b3bc57c67e51fc21b1d5c7769e7c947b433e7

ngoma.co.ke Open in urlscan Pro 46.105.33.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

94 %HTTPS

56 %IPv6

31 Domains

41 Subdomains

29 IPs

7 Countries

2620 kBTransfer

6250 kBSize

40 Cookies

2 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngoma.co.ke Open in urlscan Pro
46.105.33.210 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

94 %
HTTPS

56 %
IPv6

31
Domains

41
Subdomains

29
IPs

7
Countries

2620 kB
Transfer

6250 kB
Size

40
Cookies

227 HTTP transactions
5 data transactions