Submitted URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Effective URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Submission: On March 25 via api from DE — Scanned from DE

Summary

This website contacted 93 IPs in 9 countries across 72 domains to perform 509 HTTP transactions. The main IP is 104.21.59.143, located in and belongs to CLOUDFLARENET, US. The main domain is www.gazetaexpress.com. The Cisco Umbrella rank of the primary domain is 321306.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 104.21.59.143 13335 (CLOUDFLAR...)
3 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
1 52.239.139.164 8075 (MICROSOFT...)
7 142.250.181.226 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
15 208.88.224.28 40824 (WZCOM-)
25 104.19.136.78 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 99.86.7.86 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
53 151.101.129.44 54113 (FASTLY)
1 99.86.7.16 16509 (AMAZON-02)
1 3.134.20.240 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 11 37.157.3.29 198622 (ADFORM)
1 185.184.8.65 204995 (RTB-HOUSE...)
8 178.250.0.165 44788 (ASN-CRITE...)
3 72.251.249.14 29791 (VOXEL-DOT...)
2 12 37.252.173.22 29990 (ASN-APPNEX)
1 3.120.57.46 16509 (AMAZON-02)
9 2602:803:c004... 26667 (RUBICONPR...)
2 104.107.161.75 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f12... 32934 (FACEBOOK)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 104.26.0.156 13335 (CLOUDFLAR...)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
7 185.86.137.114 201081 (SMARTADSE...)
7 185.64.189.112 62713 (AS-PUBMATIC)
7 23.37.38.181 16625 (AKAMAI-AS)
14 35.244.159.8 15169 (GOOGLE)
7 54.93.106.38 16509 (AMAZON-02)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 34.240.79.98 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
11 141.226.228.48 200478 (TABOOLA-AS)
8 104.19.135.78 13335 (CLOUDFLAR...)
1 2a03:90c0:41:... 199524 (GCORE)
1 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
2 152.228.222.122 16276 (OVH)
2 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
5 52.71.33.244 14618 (AMAZON-AES)
1 54.165.191.202 14618 (AMAZON-AES)
12 2a02:2638::3 44788 (ASN-CRITE...)
8 16 2a02:2638:1::13 44788 (ASN-CRITE...)
4 4 213.19.147.45 3356 (LEVEL3)
5 8 35.71.131.137 16509 (AMAZON-02)
2 54.174.213.70 14618 (AMAZON-AES)
1 141.148.45.191 31898 (ORACLE-BM...)
1 2.18.233.180 16625 (AKAMAI-AS)
1 1 23.88.75.186 24940 (HETZNER-AS)
2 3 18.156.0.31 16509 (AMAZON-02)
13 16 2.18.234.233 16625 (AKAMAI-AS)
8 217.160.255.213 8560 (IONOS-AS ...)
8 178.250.0.157 44788 (ASN-CRITE...)
1 185.64.190.78 62713 (AS-PUBMATIC)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 23.37.42.132 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 1 18.134.84.19 16509 (AMAZON-02)
8 14 142.250.185.226 15169 (GOOGLE)
4 4 52.215.92.65 16509 (AMAZON-02)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
4 4 54.149.204.124 16509 (AMAZON-02)
2 173.231.181.122 29791 (VOXEL-DOT...)
5 2a04:4e42:400... 54113 (FASTLY)
5 141.226.224.32 200478 (TABOOLA-AS)
7 185.86.137.32 201081 (SMARTADSE...)
1 151.101.129.108 54113 (FASTLY)
7 7 185.94.180.126 35220 (SPOTX-AMS)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 151.101.2.49 54113 (FASTLY)
1 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 10 54.74.45.231 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
2 3 52.95.119.178 16509 (AMAZON-02)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a00:1450:400... 15169 (GOOGLE)
8 11 198.47.127.18 62713 (AS-PUBMATIC)
2 4 185.64.190.80 62713 (AS-PUBMATIC)
13 13 13.248.245.213 16509 (AMAZON-02)
4 2.18.235.40 16625 (AKAMAI-AS)
1 2600:9000:206... 16509 (AMAZON-02)
1 51.195.88.7 16276 (OVH)
1 1 185.86.137.122 201081 (SMARTADSE...)
3 151.101.66.133 54113 (FASTLY)
2 169.50.137.184 36351 (SOFTLAYER)
6 37.252.172.38 29990 (ASN-APPNEX)
2 2 52.59.66.68 16509 (AMAZON-02)
509 93
Apex Domain
Subdomains
Transfer
74 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
trc.taboola.com — Cisco Umbrella Rank: 562
trc-events.taboola.com — Cisco Umbrella Rank: 1670
images.taboola.com — Cisco Umbrella Rank: 1507
am-trc-events.taboola.com — Cisco Umbrella Rank: 13795
pips.taboola.com — Cisco Umbrella Rank: 1686
cds.taboola.com — Cisco Umbrella Rank: 997
993 KB
57 gazetaexpress.com
www.gazetaexpress.com — Cisco Umbrella Rank: 321306
ads.gazetaexpress.com — Cisco Umbrella Rank: 782291
1 MB
34 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8333
c.mgid.com — Cisco Umbrella Rank: 6428
cdn.mgid.com — Cisco Umbrella Rank: 10514
servicer.mgid.com — Cisco Umbrella Rank: 8449
s-img.mgid.com — Cisco Umbrella Rank: 7801
video-native.mgid.com — Cisco Umbrella Rank: 28798
cm.mgid.com — Cisco Umbrella Rank: 2218
474 KB
32 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
54 KB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417
ads.pubmatic.com — Cisco Umbrella Rank: 419
image6.pubmatic.com — Cisco Umbrella Rank: 571
image8.pubmatic.com — Cisco Umbrella Rank: 570
image2.pubmatic.com — Cisco Umbrella Rank: 774
10 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
286 KB
20 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 512
eb2.3lift.com — Cisco Umbrella Rank: 346
9 KB
19 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
20 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
acdn.adnxs.com — Cisco Umbrella Rank: 523
secure.adnxs.com — Cisco Umbrella Rank: 359
45 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
1f9afd595932b731caa96c0be85f1c84.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
2b3b275d3ab3304dd979da47e509665e.safeframe.googlesyndication.com
247 KB
18 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 626
cdn.stickyadstv.com — Cisco Umbrella Rank: 2067
152 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
4 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1227
www8.smartadserver.com — Cisco Umbrella Rank: 5216
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2242
9 KB
15 serv431.com
serv431.com — Cisco Umbrella Rank: 638777
26 KB
14 openx.net
projectagora-d.openx.net — Cisco Umbrella Rank: 32370
u.openx.net — Cisco Umbrella Rank: 621
2 KB
14 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1689
161 KB
14 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 22541
836 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
373 KB
11 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 630
euw-ice.360yield.com — Cisco Umbrella Rank: 14035
creative.360yield.com — Cisco Umbrella Rank: 83857
ice.360yield.com — Cisco Umbrella Rank: 1381
5 KB
11 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 8457
player.aniview.com — Cisco Umbrella Rank: 1997
track1.aniview.com — Cisco Umbrella Rank: 1948
go1.aniview.com — Cisco Umbrella Rank: 4770
sync.aniview.com — Cisco Umbrella Rank: 2462
120 KB
11 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
c1.adform.net — Cisco Umbrella Rank: 524
5 KB
9 impactify.media
vpaid.impactify.media — Cisco Umbrella Rank: 412159
sonic.impactify.media — Cisco Umbrella Rank: 4919
cdn.impactify.media — Cisco Umbrella Rank: 80893
13 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
3 KB
7 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
6 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ads.yahoo.com — Cisco Umbrella Rank: 816
4 KB
7 adomik.com
projectagora-483829-hdb.adomik.com — Cisco Umbrella Rank: 25477
721 B
7 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 409
2 KB
7 projectagoraservices.com
ads.projectagoraservices.com — Cisco Umbrella Rank: 17685
16 KB
6 impactify.io
ad.impactify.io — Cisco Umbrella Rank: 49564
dvr.impactify.io — Cisco Umbrella Rank: 64877
pg.impactify.io — Cisco Umbrella Rank: 67657
97 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1118
t.teads.tv — Cisco Umbrella Rank: 2303
133 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
px.moatads.com — Cisco Umbrella Rank: 392
103 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
3 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 tsdtocl.com
tsdtocl.com — Cisco Umbrella Rank: 8415
3 KB
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 399
440 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6433
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
750 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
678 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1282
816 B
2 adxpremium.services
s333.adxpremium.services — Cisco Umbrella Rank: 85563
533 B
2 projectagoralibs.com
projectagoralibs.com — Cisco Umbrella Rank: 222774
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
428 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
114 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
17 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
706 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 565
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
28 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
92 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 381
373 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
177 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
477 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
676 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3206
511 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2428
1 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
271 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1024
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
543 B
1 gjirafa.com
bisko.gjirafa.com — Cisco Umbrella Rank: 279058
929 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
418 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 34659
82 KB
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1565
163 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130
183 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 3792
551 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 74501
87 KB
1 windows.net
gjstatic.blob.core.windows.net — Cisco Umbrella Rank: 178558
8 KB
1 agorahtag.tech
agorahtag.tech — Cisco Umbrella Rank: 76904
2 KB
509 72
Domain Requested by
54 www.gazetaexpress.com www.gazetaexpress.com
31 cdn.taboola.com www.gazetaexpress.com
cdn.taboola.com
16 ads.stickyadstv.com 13 redirects player.aniview.com
cdn.stickyadstv.com
16 gum.criteo.com 8 redirects static.criteo.net
15 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
15 serv431.com www.gazetaexpress.com
serv431.com
14 cm.g.doubleclick.net 8 redirects
14 script.4dex.io cdn.projectagora-adtag-library.com
script.4dex.io
14 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
13 eb2.3lift.com 13 redirects
12 static.criteo.net cdn.projectagora-adtag-library.com
static.criteo.net
adxbid.info
12 trc.taboola.com cdn.taboola.com
12 ib.adnxs.com 2 redirects adxbid.info
cdn.projectagora-adtag-library.com
acdn.adnxs.com
11 image8.pubmatic.com 8 redirects cdn.projectagora-adtag-library.com
11 pagead2.googlesyndication.com www.gazetaexpress.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
srcdoc
securepubads.g.doubleclick.net
10 cdn.mgid.com jsc.mgid.com
10 images.taboola.com
9 fastlane.rubiconproject.com adxbid.info
cdn.projectagora-adtag-library.com
9 adx.adform.net adxbid.info
cdn.projectagora-adtag-library.com
8 mug.criteo.com
8 match.adsrvr.org 5 redirects
8 s-img.mgid.com
8 am-trc-events.taboola.com
8 bidder.criteo.com adxbid.info
cdn.projectagora-adtag-library.com
7 u.openx.net cdn.projectagora-adtag-library.com
7 sync.search.spotxchange.com 7 redirects
7 sonic.impactify.media ad.impactify.io
sonic.impactify.media
7 www8.smartadserver.com www.gazetaexpress.com
imasdk.googleapis.com
7 projectagora-483829-hdb.adomik.com www.gazetaexpress.com
7 tlx.3lift.com cdn.projectagora-adtag-library.com
7 projectagora-d.openx.net cdn.projectagora-adtag-library.com
7 htlb.casalemedia.com cdn.projectagora-adtag-library.com
7 hbopenbid.pubmatic.com cdn.projectagora-adtag-library.com
7 prg.smartadserver.com cdn.projectagora-adtag-library.com
7 ads.projectagoraservices.com ads.gazetaexpress.com
serv431.com
6 ice.360yield.com imasdk.googleapis.com
6 secure.adnxs.com imasdk.googleapis.com
6 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
6 jsc.mgid.com www.gazetaexpress.com
jsc.mgid.com
serv431.com
6 securepubads.g.doubleclick.net www.gazetaexpress.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 cds.taboola.com cdn.taboola.com
5 pips.taboola.com cdn.taboola.com
5 track1.aniview.com player.aniview.com
4 image2.pubmatic.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 1 redirects
4 pm.w55c.net 4 redirects
4 match.prod.bidr.io 4 redirects
4 ad.impactify.io player.aniview.com
ad.impactify.io
4 cm.mgid.com jsc.mgid.com
4 www.google-analytics.com www.gazetaexpress.com
www.google-analytics.com
3 tsdtocl.com cdn.taboola.com
3 px.moatads.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 ad.360yield.com 2 redirects www.gazetaexpress.com
3 imasdk.googleapis.com ad.impactify.io
imasdk.googleapis.com
3 pr-bh.ybp.yahoo.com 3 redirects
3 ups.analytics.yahoo.com 2 redirects player.aniview.com
3 sync.1rx.io 3 redirects
3 servicer.mgid.com jsc.mgid.com
3 trc-events.taboola.com
3 www.google.com www.gazetaexpress.com
tpc.googlesyndication.com
3 ap.lijit.com adxbid.info
player.aniview.com
3 ads.gazetaexpress.com www.gazetaexpress.com
ads.gazetaexpress.com
3 a.teads.tv www.gazetaexpress.com
a.teads.tv
2 pixel.advertising.com 2 redirects
2 um.simpli.fi
2 c1.adform.net 2 redirects
2 cm.adgrx.com
2 eus.rubiconproject.com adxbid.info
eus.rubiconproject.com
2 cdn.stickyadstv.com player.aniview.com
cdn.stickyadstv.com
2 sync.aniview.com player.aniview.com
2 player.aniview.com tg1.aniview.com
player.aniview.com
2 s333.adxpremium.services adxbid.info
2 c.mgid.com jsc.mgid.com
2 projectagoralibs.com cdn.projectagora-adtag-library.com
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 www.facebook.com www.gazetaexpress.com
2 t.teads.tv www.gazetaexpress.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
1 ssbsync-global.smartadserver.com 1 redirects
1 2b3b275d3ab3304dd979da47e509665e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.impactify.media ad.impactify.io
1 creative.360yield.com www.gazetaexpress.com
1 euw-ice.360yield.com ad.360yield.com
1 z.moatads.com ad.360yield.com
1 s0.2mdn.net imasdk.googleapis.com
1 ads.yahoo.com
1 px.ads.linkedin.com
1 id.rlcdn.com
1 www.googletagservices.com ad.impactify.io
1 cdn.jsdelivr.net ad.impactify.io
1 pixel.quantserve.com
1 sync-tm.everesttech.net
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pg.impactify.io
1 acdn.adnxs.com ad.impactify.io
1 dvr.impactify.io ad.impactify.io
1 1f2e7.v.fwmrm.net 1 redirects
1 biddr.brealtime.com adxbid.info
1 image6.pubmatic.com ads.pubmatic.com
1 vpaid.impactify.media player.aniview.com
1 csync.loopme.me 1 redirects
1 ads.pubmatic.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 sync.targeting.unrulymedia.com 1 redirects
1 go1.aniview.com player.aniview.com
1 tg1.aniview.com cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 bisko.gjirafa.com www.gazetaexpress.com
1 1f9afd595932b731caa96c0be85f1c84.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 aghtag.tech agorahtag.tech
1 www.google.de www.gazetaexpress.com
1 hb.emxdgt.com adxbid.info
1 prebid-eu.creativecdn.com adxbid.info
1 stats.g.doubleclick.net www.google-analytics.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.gazetaexpress.com
1 certify.alexametrics.com www.gazetaexpress.com
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 adxbid.info www.gazetaexpress.com
1 gjstatic.blob.core.windows.net www.gazetaexpress.com
1 agorahtag.tech www.gazetaexpress.com
509 125
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-15 -
2022-07-14
a year crt.sh
teads.tv
R3
2022-03-23 -
2022-06-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02
2022-03-16 -
2023-03-16
a year crt.sh
serv431.com
R3
2022-01-31 -
2022-05-01
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-01-02 -
2022-04-02
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
certify.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2021-10-12 -
2022-11-10
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.emxdgt.com
Amazon
2021-07-02 -
2022-07-31
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
www.google.de
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
paadserver.projectagora.info
R3
2022-02-10 -
2022-05-11
3 months crt.sh
*.google.de
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
cdn.projectagora-adtag-library.com
R3
2022-02-25 -
2022-05-26
3 months crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3
2021-05-02 -
2022-05-01
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.3lift.com
Amazon
2021-06-12 -
2022-07-11
a year crt.sh
*.adomik.com
Amazon
2022-02-09 -
2023-03-09
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2
2021-09-13 -
2022-10-15
a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2021-08-05 -
2022-09-05
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-02 -
2022-05-03
3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-17 -
2022-10-05
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-11 -
2022-07-06
6 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA
2021-09-19 -
2022-09-20
a year crt.sh
*.impactify.media
Go Daddy Secure Certificate Authority - G2
2021-12-07 -
2022-12-05
a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-12 -
2023-02-12
a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2
2022-01-21 -
2023-02-22
a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.360yield.com
Amazon
2021-07-28 -
2022-08-26
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
improvedigital.com
Amazon
2021-05-05 -
2022-06-03
a year crt.sh
tsdtocl.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-05 -
2022-12-31
a year crt.sh

This page contains 58 frames:

Primary Page: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Frame ID: 15C959C265B261DF15A84BE0B37C8313
Requests: 166 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: 126C9327CF3B7172E0458C5D79B67B0E
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: 395407CEDC334D7BD010677F3E4C2CD0
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1648233093&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648233093699&bpp=3&bdt=454&idt=262&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1911826339242&frm=20&pv=2&ga_vid=259260600.1648233094&ga_sid=1648233094&ga_hid=1774774518&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066434%2C31060566%2C31063246&oid=2&pvsid=767084410462239&pem=418&tmod=1633614420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: 07E13EFEF914FDC75715AA97D2FD2939
Requests: 1 HTTP requests in this frame

Frame: https://1f9afd595932b731caa96c0be85f1c84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 243C5CABE9C5EBA0E4C4E09728E128AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: 46CDECCBE7D25B8D33DB186DCA735C61
Requests: 21 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: F4A3D9C695AD171B6C9E047FCCCE7CC2
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BDA8094E0779242F793331C7B86D25A0
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.js
Frame ID: 79F3DCE0F7D08B466C122133365901AB
Requests: 6 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: B7839DED77E4CD8FA6724DE3AB269708
Requests: 21 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6751
Frame ID: 12E93D83547481E24EBDEBB12F25D6AE
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: 593BCDDF1627B1E8D084DFCA05B02B37
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: CC052C787B4666FA041BEF271CEF86EC
Requests: 20 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 9004D5F4D1B8AD9B571DC3AF03031CA7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 0ED4670EA8EA314FD3FF6F626359B50D
Requests: 10 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 6BA8C16BD773117F758302180BD40FAE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 574E43759071A2C9BA56E22D5D422B27
Requests: 19 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Frame ID: 4580CB2BEFB4094364E290D4A68644FC
Requests: 10 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: BE274720FC0E24C8EC39F10337F8789F
Requests: 13 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: E76780957C3DE9F43B6A578701EC9D02
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8690139A07DB200120CF2403C965908
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BEE770DB08BBBB984B1144F95E2C796E
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1648233095796180430226
Frame ID: 87735523460F4E133EA81CBA8ADACD08
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1648233095967464495676
Frame ID: 92A4B1A3188002E43160F3C4EFB2210A
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Frame ID: EFBDD56CE417E265A4C30AF961C56AD1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: AB403850153E815F9971040F5FE06194
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=200&key=RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
Frame ID: F7490F4778603DC5037799106344A42B
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1648233096591-973059860284-006493-003-001690&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 895E1ADBCD1CC0CDA95B43C62BB3BF6D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D1%26key%3D
Frame ID: A734EEFF260774E097644511EE73D7C7
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D18%26key%3D%24UID
Frame ID: 77B7596FECBA22A06690304D6CDE4F56
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=56&pid=59c9148628a0612da3689288&key=246b90a4-6770-45ab-8d47-deb35fcdc403
Frame ID: 8974649A2E2B25B9E8AC233680CCD6F0
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: B7DEE3496287B5A2442A0A4270965B8A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 09711AE0A158DB9451F2B3160DFC7681
Requests: 2 HTTP requests in this frame

Frame: https://ad.impactify.io/static/ad/vpaid/loader.js
Frame ID: 526625F2837C80546CAC06B942F38E9C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 00005445D1F384AAC6EB108B0300DA13
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: AA32A5F93F4A1ECCD81EA758901E93E4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 2731C507352C924C8E59F8A21FA02890
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 9E248D26484DE0BA5254A4DCDD62D181
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 5A599240084257BDD9A25E688D4A7795
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: EDB03DECDC76925767A2E54BECCBEF5D
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13396601
Frame ID: E2808C702239CA52C703808EFDDF735F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F2698A82B92DD495B12FCBB7FFED9728
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 6A4FC73DAC9B34FC233C1323A0086888
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: C707B832E3F111BE542065FA6BE53DC5
Requests: 2 HTTP requests in this frame

Frame: https://www8.smartadserver.com/ac?pgid=894934&insid=7517180&tmstp=2884267163&out=js
Frame ID: 8E5FDE4984E1BFFB6A01BDF638B1C7BA
Requests: 1 HTTP requests in this frame

Frame: https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Frame ID: 5CB435BE4E4FD5D62947F56AF0BECFE3
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Frame ID: F04A5FF82444F83D85C755DE4D7E78BA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/hls.js@latest
Frame ID: C366938B030C620619A73683A8EAED6A
Requests: 18 HTTP requests in this frame

Frame: https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Frame ID: D5BA32C9821FF8F3E8AAAE4923759147
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 6C1B52AA84878E561C5BD83DBE5A1BC5
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Frame ID: 7845D2EE4AE56653A65E571A4145E446
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AC3EE56701CAB29DD91421C7D4CC3D7B
Requests: 1 HTTP requests in this frame

Frame: https://2b3b275d3ab3304dd979da47e509665e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 14AB56117E7FE543C54F91DD130E3203
Requests: 1 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: EDEF5B99D2665DD0EB52C1533730BE9C
Requests: 1 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: 3710C4DF75902F5FAAC4CDD981151AE7
Requests: 1 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: B2F83199A487A294DEB331C18BC68CDA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2982C9E436CD2AC4466F4327464CCA79
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3683EBD6B953B07348531DF9B7E89BB6
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Dyshohet se Koreja e Veriut lëshoi raketën më të madhe të 5 viteve të fundit - Gazeta Express

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

509
Requests

94 %
HTTPS

34 %
IPv6

72
Domains

125
Subdomains

93
IPs

9
Countries

6147 kB
Transfer

17680 kB
Size

90
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 333
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D200%26key%3D%5BRX_UUID%5D&cb=1648233096742 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808739352 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808739352 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7e89805f-04b7-4e2b-8cfa-c54933b2408f HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D200%26key%3DRX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=200&key=RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
Request Chain 337
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=56&pid=59c9148628a0612da3689288&key=246b90a4-6770-45ab-8d47-deb35fcdc403
Request Chain 348
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ho2uQXwwUXp1WGZ5TC9ZS0I1ZzhoYWY2Z2FZdHVLMjFXWTlrK3NaUC81WUJCOTlTOTFuZGpsUGhJZlM3YVJUcXhPajM1aEV6ekRpMitoc0lDZVd1SENJNGdsQURpUkVVa3F4K1FTcWdLZ1hxNkYyWmlWS0FDUnNBUm9FSHdORGpJdVRHeEtBdUhXSERzVUt2V0tkRTRvNXdTV3M0dStubW9scmtBYUl2aC9NSkxKR3hrQkZFVzF4MXhpOTJQbG8wYzBEM3dqZXgxTktzazRUQ3NUWEpuY0RVUGxZa0s2eFhqOXJnN3hEcmhYNm1oaVRyYjdENTIzWFJzTWZKeU82cEhhaTVLNUJ4a3hnMlAveTlmdThrcXFpYy8vZz09fA&cppv=2
Request Chain 367
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=9uyQVnwxYTB3cXFCd2VWanIwVnJQR1AxQmNsV1p5R2tiVThGcFZSenlOVXNYTUlzWS9mT21sT0swc1RIdGVHaHZSYThhL284V0ROTExrUzEvYkR1aUcrMUNtNDNFL2JvTVYvWTFQQUdvWnFPQ1Y0cFpRWkh6Z05GaUMvU2ducVhBK2gzaGdSeHEwanlIbHZCaUNuY0xsT3hnRWx4SnNpaW9tbnNwV3o2NGlvVW9oSVordTRmSTREcDFOTjI5dGRhcDFIQVF2aGZxWm91UjZtZHUvZWFJalVtcHdzUzR3cEpqZ3l1ZmNUOU9vU2FJeVBPYkUxa0tvUXl1bjBPOWdDSWRRZzhsQWg1OVVvTXZlQjlDY0N4WEd3V2FlQT09fA&cppv=2
Request Chain 369
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElxRHNBWlFmZDRoSFdNTnB4a3kxTjd5cWpvM1Y3Wmp6QjJtWXZuWmVQa0xlcHVGamxTSG5GRzhMVzJNMGhQdDRtaXhKNFJ1VTM1VnBDOWtySFZwaXB6dUZCc3hzZjFBUHR4ekF3cW9uZTNOaWx4ajhIQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pBZ5THx1SmF6ekNvVnRFQVlzRSt5L0duZU9TMHdSRDVnd3M2bFpmSE0zdlRqY0FNZkdhdUdOUy9jdXFrczRkYmNQL2U1cWdvdmJNVFRreVJqcHlyRncyZmhhNWUybVR0Ri85b3hremFqMVU4clpoRk1FanJ2V2h5NlYzTktpcjB0dDEzS0FpdENKSTNtUnZZa0hxUU1GSG8zdHN0Ujc5TXRETnA3dGhyQ0FXRE9GTUdhWXBtcXZLYmw0N25hRC9yQlR0ZnhJM0RBRU52SXpUQm5Hcm1BT29FR01TRkdZamVhazVFL3VITUhVNTMxc0lZQVVISDFSUUc5ZEpQNnNjQkF0d0k0ZXJ5MUFhck5WZDdWbUEvOUxZaC9SWDArdndXZlRiVWZGeTQ5S2d6QVYxYz18&cppv=2
Request Chain 370
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElxRHNBWlFmZDRoSFdNTnB4a3kxTjd5cWpvM1Y3Wmp6QjJtWXZuWmVQa0xlcHVGamxTSG5GRzhMVzJNMGhQdDRtaXhKNFJ1VTM1VnBDOWtySFZwaXB6dUZCc3hzZjFBUHR4ekF3cW9uZTNOaWx4ajhIQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=gX2it3wxRERURFMwSW5OeHpDdXhJSzBvdWhlMkRaRjhGZHhtSk1JQkJJbHlBV044Tm9tUTVZa0RrdEVuWDBIVTBYSzB0ZmRydWdYY2QzaklVNkN6NVlxWkJDQkpPbW1wWnd6OHhYMWV3UkJIcGk1VGRTTHJEOFBlNjNLMFp6eFNlMWtPWEJKa1F3QlFaZXpiQVZWRTRGRGg1UFg2TFc5UlM1ZGhPbTkxWlNySkVvZzRnc2dMNlQ0VzFPVzBnNnl2NWU3R0tzRENidVMreXpqOGRXQm54aCtUU1VmZVVEL1g4dUtFdWhjSnl0dGdkK3l1UUNYRCtzakhwV0tTZjBKSXpWdDh4cXc0RC9VUFZlVHZBQlJMWXB5R01XZjk4OEI3MGpHNmRyMUtIb3JIY2wwRT18&cppv=2
Request Chain 371
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElxRHNBWlFmZDRoSFdNTnB4a3kxTjd5cWpvM1Y3Wmp6QjJtWXZuWmVQa0xlcHVGamxTSG5GRzhMVzJNMGhQdDRtaXhKNFJ1VTM1VnBDOWtySFZwaXB6dUZCc3hzZjFBUHR4ekF3cW9uZTNOaWx4ajhIQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hunKqXxjUUF3UTBmeDhmSTRmNVUvYlFBVnl2Y3Q2OFBFYWQ2alh4Qm42YXQwZEJ6WnJTS3JYb05hR2NxRWt4Z2E3SW54aUlvN3ZxbFRIK200QWZxaC90Q0ZGdnVoMXAxMjFPZGlSbjBDYlZVeno2UmFYeDRuNHg5TVAzNmtLT3FpcCtYbXI0QSszbnlxc21jYXFrVWVaK0VNVmNiajNXWWYrWld1dGxjNVNRNDNtSE0zaFBVMGlYOU9CM3l4eloxVEU2Y3ZjYXRBZWRjeUljNkhjRDB5U2Q5bWJpSTg5TWZKOTdUUTRLTTNMKzg4bFRGa3NkdHh2M2JibDkvK21jdzE4Vm51ekdRWGw3eEQ3NElqZGlaS25pM1Uvb1FCUVRWVG5iUURDMEUwaGF3Rmhraz18&cppv=2
Request Chain 372
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElxRHNBWlFmZDRoSFdNTnB4a3kxTjd5cWpvM1Y3Wmp6QjJtWXZuWmVQa0xlcHVGamxTSG5GRzhMVzJNMGhQdDRtaXhKNFJ1VTM1VnBDOWtySFZwaXB6dUZCc3hzZjFBUHR4ekF3cW9uZTNOaWx4ajhIQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=NCLNKHwxdEVJeW1SUklKTnVPbEN0RUtmQW4yNk80b1BmaHVmaTJta05WZVN1azREQlMwMWpIakQ2c3VOc3ZZVExDL0lpRnZUa3VzSjRxRVZYVlk0cytiSGpqcUZQUEVsaTRzWXRXeXRCQkEra08xcDVpcGViNS9ZdHR4cTVCYW9qZ0ZJcG93ZzM3TXN5Y1kram12SmtTN2FRRUlXRVpPelVvYjYyOStkR09Xc2ZoSEh0VmNCaU5PeDZXOUYzOERXVDVVMHVtMVhDV0FGMjhWTUNDZ2daRTBTcDFFUnhIM2E5QkY1TFZBcnd6dDRrNmVzSW9YSXRydlZ0cVZET1Q5cFM5ZzNBZ0pibmh3ZEFmbmtKUVlXWEpyQUp6WWxsMzZ3bHFmeTYyTTNVcTI0REh3ST18&cppv=2
Request Chain 373
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElxRHNBWlFmZDRoSFdNTnB4a3kxTjd5cWpvM1Y3Wmp6QjJtWXZuWmVQa0xlcHVGamxTSG5GRzhMVzJNMGhQdDRtaXhKNFJ1VTM1VnBDOWtySFZwaXB6dUZCc3hzZjFBUHR4ekF3cW9uZTNOaWx4ajhIQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=a7hctHxJNWpCcE45V1R2OEkzQkY2bU9lVlRpZzFCT3pjbFF5c2JQMTFNblZHbXJybTFINHNtZzBDbjRSNmxNa1F4Z0dCbk9MTGNOWFVIZVQrNXlxQzhBM3ZBWDVvZ3psWlB4aWRBWE5TZmFHVzhBaUlxVjZZZGd0QVV5a3UvQ0thWjhJQ3M4eitGcHFWVUw5WW9URWc0Mk13TTl0eGY4UlZvVjBGVE9aSWNiVjRDY1Uxd1BzcWdOVHVxc3dkOWc4dXRMOWllWlhOZmpSS3p4NTB2M0VmSElzeWFCR3g1RG8yQkFoRThuZ21XZUI1RFdkejhJWmd1QTgxWVYxTHBIbit4S2E3ZVVIMHZ1TkN3b1BkWmovZ3RKOHhHMW5xYkNPVEJCTnl1Z3pLVllSTGlaaz18&cppv=2
Request Chain 375
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=53fbe05a95f96eae916d8b291cfa2a1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1cbf_7079107247800128289 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTNmYmUwNWE5NWY5NmVhZTkxNmQ4YjI5MWNmYTJhMQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKh5W09xj6txYJlprSxS6f8&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7e89805f-04b7-4e2b-8cfa-c54933b2408f HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAFP3k7EfBUAADGGSuPXPA&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/53fbe05a95f96eae916d8b291cfa2a1?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-QAnW7LlE2oNXHS41UqsWdXhT2qv5.E9QRQOyhYt8~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=AXNwAGsA1NxOIO5 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Request Chain 379
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElxRHNBWlFmZDRoSFdNTnB4a3kxTjd5cWpvM1Y3Wmp6QjJtWXZuWmVQa0xlcHVGamxTSG5GRzhMVzJNMGhQdDRtaXhKNFJ1VTM1VnBDOWtySFZwaXB6dUZCc3hzZjFBUHR4ekF3cW9uZTNOaWx4ajhIQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nqI0Znw3TGdhdlR2S1pmekEyZG1LV0p1V2YwK1M4NHpETGQ3cXhsbjRDQUlwTkhjMy9oSWozTENsT1ZJL2FZSS9LTVNFU1N4Tnl6MUhjTmRCRWZiRk5GeHNWaGNXc1JFSEFXQldaa08vcUlsTGFhRFdCSUt5Ky8xbHZrQ0hIM2dCc0VYaDVMUlZ4bGt5cmE2OHh6MDRMVW9ZNlhHQ2w0aDJlMHRLRjByb0JTcnNySzNXVys3YllaRnFISWRWZVhhU005Y0M2TXdUZkV0eXZaaHVlVEtXaklWNDFHK2ZGQ2x6Rkh4bS9Zcm9NS3Vzd0dZcVhqaUVIR0JZUDhyLzZIZ0tadFZZNlUrM0YwR0l5VVk1M3RKRzlQNEpwcjFObE5lbGZ1N3FkVTFPRWxUYUxaND18&cppv=2
Request Chain 389
  • https://ib.adnxs.com/async_usersync_file?gdpr=0 HTTP 302
  • https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Request Chain 391
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0&__user_check__=1&sync_id=ce626536-ac69-11ec-bef7-1e5bf6c20206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEPQPpQPReZYR4EU_sEhAha0&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=7e89805f-04b7-4e2b-8cfa-c54933b2408f&img=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=1782623e-0a89-4b00-ab18-86eb93da59e2&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=30&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=30&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8459&uid=1113429183277438291&img=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=14&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7577&uid=7079107252101314712&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
Request Chain 392
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTNmYmUwNWE5NWY5NmVhZTkxNmQ4YjI5MWNmYTJhMQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKh5W09xj6txYJlprSxS6f8&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7e89805f-04b7-4e2b-8cfa-c54933b2408f HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEW-07EfBUAADFTc-Gy_A&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/53fbe05a95f96eae916d8b291cfa2a1?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-QAnW7LlE2oNXHS41UqsWdXhT2qv5.E9QRQOyhYt8~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=AXNwAGsA1NxOIO5 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFL6052nUsDjzoOPNSHONxs&google_cver=1
Request Chain 404
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kdDKvvjLTSuE9prSzchXJQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kdDKvvjLTSuE9prSzchXJQ
Request Chain 405
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EKOsheVXkuvPvLkFGvJh6g?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3465679576557499217
Request Chain 407
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L16RFEL3-X-7CCU
Request Chain 408
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L16RFEL3-X-7CCU&sigv=1&esig=2~435109b731cf4bc5642c59d214abe8f9473c89ed
Request Chain 409
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2JmMTQ2MDRhYzM2OThmNjllM2U3NWQxODY2NzIwMTFjNDJmZTEzMg
Request Chain 412
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=05901b2b-3a1b-48e8-991f-56854a868273
Request Chain 419
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTE4NzVFRjMtNjk1Qy00MjgwLTg5NjMtODc5NUZCNTg1RDA3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 420
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 425
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 426
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzMwMzgwNTEtODk5MC00OUI4LTlDRUQtRDhFMDQ3OUIxMkZF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 442
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=1793271733984630734
Request Chain 445
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Request Chain 449
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Request Chain 452
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Request Chain 460
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Request Chain 461
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHchjkEsPCa_fqpxXtGd-zk&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 465
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHchjkEsPCa_fqpxXtGd-zk&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 467
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58539/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-dF86DDBE2uFnrrYSKNdS2AAzpnN1hFtie9zlHIE-~A&gdpr=0&gdpr_consent=
Request Chain 473
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPcebb5623-ac69-11ec-83d6-02d708afeb30 HTTP 302
  • https://sonic.impactify.media/setuid?bidder=verizon&uid=y-RTlOxwNE2uJ5q6ty1PXZ_HcbUYFnFH5e~A~UPcebb5623-ac69-11ec-83d6-02d708afeb30
Request Chain 476
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3252996639412742765

509 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
44 KB
12 KB
Document
General
Full URL
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ccfa0f9a284575c4d49aac5570eb4c23cc03b5ce97bfb163e975b54efc750ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-pingback
https://www.gazetaexpress.com/xmlrpc.php
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/" <https://www.gazetaexpress.com/?p=1481911>; rel=shortlink
x-elasticpress-query
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTMkb%2FylzoKUPfwW2dml9ogV6ZX1ou7Qfo4FzhHSoAgF02fb6WKUsxJ0OcioGUvWNIRdHHGi4PY%2F09Ox1QADPOsCAKzErVw6b6SlOmc720sxaE%2BINAoBuE%2FWG2eCNny6hjBTnTw22%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f19b95f786f362e-MAN
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
www.gazetaexpress.com/cdn-cgi/apps/head/
5 KB
2 KB
Script
General
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
T3S8KYGFGHB7XMKR
x-amz-id-2
7cwzyVwqI6rK4sJb9ddmk7NVVaRFVI1DgxScGf+HTb84jEQUcXHwJLiNIriynm7X5ygZOnn4/nI=
last-modified
Tue, 10 Nov 2020 13:59:35 GMT
server
cloudflare
etag
W/"b61e1b8cbc26b381f84b9fe75d6bd20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FUzzZiOHB3ie9eqSG9W7jGze8WkH%2Fg2DRPMZy2glB4FwCLEbk9hLqYtzqRXX4VktEg2mLklHGztC1wVHyVDDdQYGFWQ8nQuSRSeH6YBOLcTPS%2BqSwGKfaUXjVZ9mTJn3k4ZjmSidyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EbY_Qr2u_RqkzHBQ7tezB1tU2A4mETa.
cf-ray
6f19b960fcca362e-MAN
tag
a.teads.tv/page/76285/
787 B
689 B
Script
General
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9800465cae64bdf8617aaca614fe37e565cf5b9e577daedd111816175e406b04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
489
expires
Fri, 25 Mar 2022 19:31:33 GMT
gazetaexpress.com.js
agorahtag.tech/c/
9 KB
2 KB
Script
General
Full URL
https://agorahtag.tech/c/gazetaexpress.com.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1439
cf-ray
6f19b9624dcf41ca-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1538
x-amz-id-2
NIR1zBPRYeeLP3zSHoycxEDiZCuaXSMIPdJ6zUbiV6TNoe1NoYRInnkSQYI/ViMg9Yzn8xalyDU=
last-modified
Fri, 18 Mar 2022 10:50:38 GMT
server
cloudflare
etag
"9a03cc3598f1fbece481220c80dd2575"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDde1XPcqvVYoQcIKq6Bb2v6%2FoLhjk%2FD4awfpo6HNb9zeeVRCVnHi%2FOivrAaP%2FRq3hK4x1guJKYOD9Uwqnden6sR6V9U%2F5LAs7kZcTIHi31h7TkBtKuBOcNpWa7amouI3aMM5mXFWkaBRECGHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
CXB002KRM0HGESZ5
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c6fdeefe7a499f7c7bd8b3ed87d134e492acfe07dac029de91e51e03e973843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54044
x-xss-protection
0
server
cafe
etag
14337593733119838623
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 18:31:33 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/
7 KB
8 KB
Script
General
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 25 Mar 2022 18:31:33 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AkdWFmz3+ZBD6nME4CH9VA==
ETag
0x8D8DC207C714D5F
Content-Type
application/javascript
x-ms-request-id
32bb4031-e01e-004a-4b76-408936000000
x-ms-version
2009-09-19
Content-Length
7361
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
f764f20f282e807aeccf2d7b42fb4461aeb92a6a0f4ce584ed3499d5f29d0b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28081
x-xss-protection
0
server
sffe
etag
"1169 / 921 of 1000 / last-modified: 1648206597"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Mar 2022 18:31:33 GMT
gazetaexpress.js
adxbid.info/
285 KB
87 KB
Script
General
Full URL
https://adxbid.info/gazetaexpress.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a8b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac81de0c9db5e9ded5542efde8a02b20c6a6e668275763b26465b5d03b291f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 14:09:44 GMT
server
cloudflare
age
1354
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn6ZjVAlCgTmNfjdIgSaA2KRLdra3JRculrLXfdAL40kjxZTp8QgKSiCVqdMoezwFicKLlcFztIru9MRAd7ON5CG3p5Pd0esuzsQ2xyy1DedO0kiN44Xnb4hNUxHGRffK4F%2F%2FyyhFEnZ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b9624c947381-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g7OgPHxlVQXXPOjHLuQeyfoWVhRUz7ATQtUaD0q2MqZM1XNO%2FYOeAMf7LfgpWdOZ55YDrIs%2F7dZGbHS5I7QWCXSabGfmCUXujYjb5ZoIIsD3yF0GBgF5g1aiZxrrB8vqfhgI6dyvhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610ce4362e-MAN
expires
Sun, 13 Mar 2022 04:43:02 GMT
related-posts-block-styles.min.css
www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/
284 B
520 B
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.5.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 07 Nov 2020 00:47:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIu0nWSqFEQ%2Bsuq0plPsAS4DnPpgSDwh5vyqvY7xk595SVqqfYoxjw6jLSm%2BxiG%2B7Z%2FWEL%2FeJPn0j01fVwrqRjvA2zef07MRDSTLxghfLvAjyFQWnLbC5%2BOh9rS0tadkMSir%2Ffm%2FiFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610ceb362e-MAN
expires
Thu, 03 Mar 2022 02:09:47 GMT
blocks.style.build.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/
27 KB
3 KB
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=27723
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG%2BzykFcdSSyim%2BMP8VfvhhHwKER1llq8h8%2FVqIu5kI%2BIiSagfSV893pCQHrdBUghc%2FYzjHdNdj%2FwzlTxq%2FHVyjNZaxQM7OQi7AGj%2Fl%2Bwn8JtGZYdaKhiJ7SXmPYw23Sf6i7mDTyiJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610cf0362e-MAN
expires
Thu, 03 Mar 2022 04:25:48 GMT
style.css
www.gazetaexpress.com/wp-content/themes/express6/
104 B
430 B
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/style.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
684626
cf-polished
origSize=112
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 06 Jul 2020 07:49:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm4K4e782WqQ8xLvkGwZYN5i6eYn9cIUyVqzGgm%2Bq1hI6xvNpTL5CzyyFF2VSHgF4BuJ9ztcrIGoDutiX%2BUXqJ5drG7TfE5usJz1OkGML3iW26AXNdK97E5pZP5n32QZ9U%2B4vIGivSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610cf2362e-MAN
expires
Sun, 27 Mar 2022 20:21:07 GMT
mainStyle.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/
47 KB
9 KB
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=67115
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 03 Mar 2021 17:56:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laKbsoSF5UxLh0%2BVPk31h1AhSS%2B64Gl7K9cnvi9coj6vcejb2o3aJWvapnK4RpW9a4HjWhx%2F%2F6S4rQ5FV41Ssh57rHv5Ud7%2FBl6fof6NtpAs0cw5mO9BBkgnXgZEFitfC3iptkzPtTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610cf4362e-MAN
expires
Sun, 13 Mar 2022 05:42:38 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/bootstrap.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RZs8BBH4NgICNKHMVfNlfEzQ%2FMmva43E2LrJ%2FDNWxVKgey50G%2FFr7u6ISFBglgeLzz0BPlM2Kc6Frg4lriGS0qgHP4T4y0mNJ0kQf0J5AQA9IDiOrPTlaFf0vqsIAVQrnqJmJDoAi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610cf5362e-MAN
expires
Sun, 13 Mar 2022 04:43:04 GMT
owl.carousel.css
www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/owl.carousel.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=4744
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUtmgSR35Uukbym3BodRjBTk5KzeCI8x44Cs0BpBODeJ46a9b%2B5KgMTa%2BtAKdImDMT%2BcX1dg28o4UqtjLa%2BRUOkTeG9DxmB1pz9xsFqOv3WvIGrxUZB%2Fh2As7rRZImpjbKhShugMdeo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610cf7362e-MAN
expires
Sun, 13 Mar 2022 06:40:01 GMT
wp-featherlight.min.css
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ro7lx%2Bcao4F0%2FlObDH5yaUFJ1G35xtzFB15dGhV66Gq%2B5tBjlaN5nvxXuDimJosk1FiIiqTJlVvtB6CHDZJJy0KPCUyjYiU9Jm%2F7SbMFn7TSyI03U%2FkOX4obLXbWCboyFe8gaxksWQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6f19b9610cf9362e-MAN
expires
Sun, 13 Mar 2022 02:43:42 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=96873
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0251p%2BEoRs2PTWgv8C1FWwQN8XkoAjPuQ1VghgNbd%2BlGsIr9pGqhK7qRxRvRoZNTTQyXxyJn9nwH5L9fRQ3ymT1YVdRvMdDvyEqJyeWEK1h7SvfOp6N5D9yjKDegF1AFi%2BEiehWMEdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b9610cfb362e-MAN
expires
Sun, 13 Mar 2022 06:40:01 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1381493
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV9%2Bdv68A%2B1LZV2OKvuLHdhoJpxQiUt56OA31OpT960NQRF1LAPNq%2FYBqUN%2FpPYHlmFN4c%2BiZIyOzPWsGfwfFIPTev%2B6NgLiKbIK%2BbNkeGL1grL8skVxm4MMoZNgZkvqriJdwVvV8wo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b9611d41362e-MAN
expires
Sat, 19 Mar 2022 17:50:27 GMT
invisible.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/
53 KB
19 KB
Script
General
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1648231200
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c0201e4b5201019dcca31e26d6b0e3f00c02db108fabe6522f74a8a3adbe82c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXNskZVqg3R%2B%2FiSE5NHKx1T6qi1ODAf5uE6LcbUairFRd96IO%2FRlYEQho%2FL66BgE5M%2FZT%2FvWD7u26kaO%2BEZ2jBllbxBk0xz9NxG72Ru5XbE7FAv7GGcLwymRIMt%2BssiaYZUT7dzTM60%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6f19b961eafd54c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0a3b5987.js
serv431.com/
36 KB
13 KB
Script
General
Full URL
https://serv431.com/0a3b5987.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
68af5a6a7edf22605e596cf869c1b11c44d23efa73926e035b3cd0ce393e842d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"06e363ca817f1b623736435c4962cd923"
vary
Accept-Encoding
content-type
application/javascript
express_logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
5 KB
2 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/express_logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsxEfXR%2BJvZSgSuBpTzH9TEBNm6IKkuEdQP9g7CLdIGsQQVgEe2CVrMoLejcgSOVWFDlUSlezuIg5DP9fso1WTSJ5gOskFIB5waV9h1DaGUpSJ6hRyTmI3ehmzU6bbIY1TjtiQ6iet4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb0054c4-MAN
expires
Wed, 02 Mar 2022 23:57:41 GMT
world.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
2 KB
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/world.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAhSkpNSVBcmiGl3lZD7DLZlhlM7APjrWDLgkYlkYaaF6tLmhYWrqb1r4Nk2WpLGkccI92eMJubnJd6qyIqjlOq3WrQIPNeXVVXNTgMFCeGnjo3fdJKmV2naCNxAyZJDCN5fTrqy6mA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb0254c4-MAN
expires
Thu, 03 Mar 2022 04:22:44 GMT
noun_live.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
4 KB
2 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/noun_live.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9h4C28Jy06zSi4SH6T9fgKpF8MVA%2BhdX4e9A%2BTlDRM8omzp0VOYnjEDRyBtYroY1p5gRjGa%2BQ1tbq91I3Y9vtOGB3Jojlea6rsXgNsrPHqvPaKnvdkvHl7K4vLtaCe0mCTNC6uel1zo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb0554c4-MAN
expires
Thu, 03 Mar 2022 04:22:44 GMT
search.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
509 B
901 B
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/search.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii83W%2Fn%2BiqlulxzxB1r%2By3TyO%2FCth6riZpzaXnmgTIlNgS%2FLRO7OgEO%2FJEZtJ%2BTBOe46DJg%2FbO7%2BFdoiL3%2BHU2M5xuUI5Lvf8xpvpoJbBw%2BkhDcVH5oQOHcTbxlQ5Zw3kCjty55%2BJB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb0754c4-MAN
expires
Thu, 03 Mar 2022 02:06:05 GMT
youtubevideo_icon.png
www.gazetaexpress.com/wp-content/uploads/
8 KB
9 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/youtubevideo_icon.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 21:40:59 GMT
server
cloudflare
age
1943491
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wH2AFMDihezrWagAXRMNvjIuiqN%2FDcLQrU8CkSnCkSR5cAIN%2Fw9w6o%2FpD%2BhiWUce%2BlgVZQ6oouszFyIq5BGN4vqSfeHgWIL6k4UgL%2Bc%2B%2FibG66zHH12WpAndZSVzFkTusQ6vA1mg%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb0b54c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 12 Mar 2022 23:57:40 GMT
express-logo-author-96x96.png
www.gazetaexpress.com/wp-content/uploads/2019/05/
7 KB
8 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/express-logo-author-96x96.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed7d434cc3f89a09a5fb5385a44b646a302cc0e7f4a09f84f55dfeb14d1f100

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943275
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 11 May 2020 10:08:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raLh8IYen6SNBqDhP4zwrJmnOtOghsI61y8cVsK%2FFPf4VnEk3TbbuqxrZ7Ml6Pc0bi1TTTvXTn5AQxHYxDNFppUh%2F0aIMlakDmnA%2BCejtjEDqOAjERLjAahMjRybEXtrw6qJrgbKyCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6f19b961eb0c54c4-MAN
expires
Thu, 03 Mar 2022 06:11:13 GMT
FOttUEuWQAAikLZ-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/
36 KB
37 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/FOttUEuWQAAikLZ-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a969ee5f1495ca4f3f99e85480c5c37cd737189d01fa2d4ab8553e01c858814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 18:30:36 GMT
server
cloudflare
age
19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scElnGIgrerXj%2FVp7Au%2BTwD%2FCvwRaB8Kr%2Ft8pCcoQKu%2BYV00G%2Bx8XqIlPht4CrR5yNN27s%2FiFn5XovoRk1R6BkMPBZvKearUyVgXu%2BYJoZeA9zC%2BoC6Uvgi5PtqrDbC18BLIf5SYaJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb0f54c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Apr 2022 18:30:54 GMT
640-0-623c26072e7c9-600x360.png
www.gazetaexpress.com/wp-content/uploads/2022/03/
248 KB
248 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/640-0-623c26072e7c9-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099d88f740064eea7ac8ec2887d578b0ce1b0f428287aa784340d39c2d9a760b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Mar 2022 09:42:55 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU%2Bsc3LNDomO0kBxORPrKjmimQKsmEdR8JEzMSB%2BMOx81S1L4Yus9ygf8zLzz4zn7naOhoBTPrF0CmiSw1ngxzk1kVJRaWrBfYGegcaCua1YJaDb%2F3CdqorSdwjjv5cidIRlu5iGjlY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb1854c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 25 Mar 2022 18:31:34 GMT
gazetaexpress.com.1190148.js
jsc.mgid.com/g/a/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1c98b585058c74ff3f6a841129f139d9788d8c73b1a54a030189fbe83620bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
4153
last-modified
Tue, 22 Mar 2022 09:17:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
X3H2HTJ44W1ZTCQM
x-amz-id-2
N8K/R3estF02PapSO93tzvxyfe2d2AArHJM+aQSGlePaLZZOcTQa952xrO7DTHv/m9jvZD9MBm4=
cf-bgj
minify
server
cloudflare
etag
W/"849a0fe3d44ab9719253b5a9421fc496"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f19b9621cbd6997-FRA
expires
Fri, 25 Mar 2022 21:31:33 GMT
facebook-logo-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
644 B
929 B
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8dc1681c0451d8590af4d2d08b7b16e4f6edf197f805929d6a85a2be1b622c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpHASKHO%2F7wPt85oT%2F4PLf3KYVjuC15dXUCZQ%2F65pLjXL9ms4XRakQXajRlozQs5mWFUc31giJYoNMA7y61gujj%2B85ml2bIQnq1RcHbi1Bz9ipgFkgi2GCOr3xPKlVxvXzmk5b7Ao8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb1954c4-MAN
expires
Wed, 02 Mar 2022 20:44:40 GMT
twitter-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
891 B
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc16bf1238724eedd1638bf0937b691bb01d08e585ac5e1db274acb47147c5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l91tlDoy8GHaUkX5kV2iHEHTw8NSTLQwf1vDb1hF0u2r1%2Buymxz8SK29z3kJny24aEK5f3FThvYyzFxw6ppAl7crT4gPHIWCur75WiNGr2LEDhymCEZAhCZ90Onu1g6stTrGkjPauvk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb1b54c4-MAN
expires
Thu, 03 Mar 2022 05:07:28 GMT
google-plus-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
1016 B
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/google-plus-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d5dd78af31fedc394fc1576004d11f96384907eaffd5260382daeefe8dccb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z9HchwbE3NE1lDZAlTYq9cv4tJG%2Fi9vjtE9h6IKZy0z6x5j6iVBpEawO9rSEYjwhOLV39t2WYkste%2FPBWodP0ZS0CYVm41huSIkggpFuJvC%2BST8Cyg2sb2%2FInVQ5zC8clRY0P8PzI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb1d54c4-MAN
expires
Thu, 03 Mar 2022 05:07:29 GMT
whatsapp-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
897 B
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/whatsapp-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b562cee19c4ff0e74eeb29a0b4f4013644c02f0cbc6ebf9f22a434cd527807

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjPsVMOsTtnwDbpvutgs9PDt2d6hqFWIZpqptj63to4NYJZbcBleAJkUnbsG0T2h%2FTjgxiCutU2RIFxM1Ew0GrhC7NxERRy5D%2FwAqrjvW92y2%2B5d4PV2sncwrQWjMDov3DT3%2Fudl%2FaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb1e54c4-MAN
expires
Thu, 03 Mar 2022 04:25:50 GMT
viber-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
2 KB
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/viber-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ede5c007b843287b8ffd0c398af54969710362e87a04e571f5e140ef2a35ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Orn1QtjmXEEU5Mq5PjVG%2BL9ioLD7K9szXwa2yRzDefthiSZL6e7PhBgUMP1HIAFiUypnvGOpGfR6N71xA1cqOeX5L3ocj9QfcS6aMLHR1qAeR18M69ogpmf1AMDXjwz6qseCEcHSPbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb1f54c4-MAN
expires
Thu, 03 Mar 2022 05:07:29 GMT
email-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
1 KB
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/email-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbb9be7acdac8ad96d8419b8eb4e7120b05295a42d3c50919370d1fc83547dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCBu2chpr%2FSAD7ttGIFNmBCYEM8SC93HVqGRGnNkegcs%2FdUdrJKmV4%2FODoaHcz8QDPJ3ZcQ%2B%2FOkPSqfmG%2FYnKI9p7DapWp3JHjxxGCDOvl4GxGhFzVUDx7CEifCYXbq6oG3%2BP65QqVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2054c4-MAN
expires
Thu, 03 Mar 2022 05:07:30 GMT
email-decode.min.js
www.gazetaexpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.gazetaexpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O3rZW7frcqxci7Z%2BYytgMafqiyXnPqYLdqGmcx5KpxKSbhgRaX84qzSmzbIBZ3gHpUzG5qUhEKAFxoylNnRYSpwWCBdHcP3kPkE06XGmx78zccHKl4WIkHkeJUKiAu0inNMM%2BwCxck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b9618a0e54c4-MAN
vary
Accept-Encoding
expires
Sun, 27 Mar 2022 18:31:33 GMT
gazetaexpress.com.1002277.js
jsc.mgid.com/g/a/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abb21976d749cfb85b68ffc1dcb20284306be8f686ae02cacc1522546b7e15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
4191
last-modified
Tue, 22 Mar 2022 09:16:13 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
X3H3Z12YGTMHKV8K
x-amz-id-2
M1v8cQ+9uDWaNDYIozoigEVDYS82IzRXePAeQADsrpiJulZ5/GZludBSupfhjyq3fbK0QSMCJ7M=
cf-bgj
minify
server
cloudflare
etag
W/"52c9254ae799ec4d6524ea201963d4fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f19b9621cbf6997-FRA
expires
Fri, 25 Mar 2022 21:31:33 GMT
asyncjs.php
ads.gazetaexpress.com/www/delivery/
10 KB
4 KB
Script
General
Full URL
https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8590ee2871189fe2bdb44d32ceb04e73194eac8d2785113c8a87c79bcec64f3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b9620faa362e-MAN
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjDgrZ0gIzEt1Vxism6r%2BatKnx675HFSbcejRsRwGimSiIRFKhUC%2BNBBazrHcFkK6ICbPB49dQezzF%2Fa6TPg5lyxWh1R%2BrBi0esjMxr67tqvRJc4fs%2FrAwpCQyZMkQHZPsan7JsGTX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=3600
expire
Fri, 25 Mar 2022 19:31:33 GMT
jones-2-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/
39 KB
39 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/jones-2-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9746354ea550264fd6f012b91a2d28dd455bf19501417ee41d58cb9f2d81d445

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Fri, 25 Mar 2022 18:25:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxGEgoYs6DXZyU9g1P%2F82tRDHSNHLGcasnyebzWu3s4j0uujfLZ%2BRvAmL%2BrUe6mGwEg6OTx4NY67Mr85g0FGWzdbmGUD9A6FfRbdVKg69XsgaAs%2FKkWjRbuEypvzzJEe90F8wN1tz6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2154c4-MAN
expires
Fri, 25 Mar 2022 18:27:02 GMT
LAJMI-I-FUNDIT-600x360.png
www.gazetaexpress.com/wp-content/uploads/2022/03/
83 KB
84 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/LAJMI-I-FUNDIT-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6d81383ff606e5fa260578fae4466016aa3e61c9c391cf2210c9e8bf69ad9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Mar 2022 10:04:47 GMT
server
cloudflare
age
37125
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWX6b1IBbqQgGXedQovxfT2glXeIqnPGtwPQBITuxBoPwP2mToUJwTB83spZMZYkeaabaPDQkKccAGwyiVD5UQzy9AcHKPhPxaw9nFjr0bH9v%2FAhVuB3ZCVRX43KVsayYnMt7Dnh9gw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb2354c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Apr 2022 08:00:47 GMT
v_iphonexho001.0-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/
34 KB
35 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/v_iphonexho001.0-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32814505fed89592bc8718a6b2aac8cf72c4ef5f93b036ccad02439a0235b579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 18:11:20 GMT
server
cloudflare
age
907
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRVkXV%2FFBFsNstB9s7GQUG51pg%2BF3WuowdAaZCJXbtLFXDbLgyq5Z9YrekA9l51KDfXFf6zqcJnGCxnwrUPdX8u80fPREU1iM2pU1wM%2Bmxnqf2g87YZvDnlD44115y4SZtB0yhzZSBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb2454c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Apr 2022 18:16:05 GMT
spring-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/
71 KB
72 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/spring-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7928a1cd1811abaec44e155bc28cc8d40a04338eea4e92c0bb3101874b480b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1063
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Fri, 25 Mar 2022 18:13:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thzom5kA8dckIB3gge5hzKR9gAZ%2FqIK30vZUIa9KIoKzG2DzHc8STJ1BWcsOTD07BlyHtBY81YSuRzFSCkCf0IvWRPxcCCs7mVvshGWMXFZEm%2B9KUFM%2BibdJ828SbNUVJgq%2Biq2jtko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2654c4-MAN
expires
Fri, 25 Mar 2022 18:13:39 GMT
Roberto-Mancini-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/
26 KB
26 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/Roberto-Mancini-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873ff16ed970e8c40b69c4d3e068b80d298f6fa52445ffff51fff04416fb044b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 18:08:03 GMT
server
cloudflare
age
1243
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2eCVW%2FGb9hXfbgj%2FcUJ8c7idW7lzA6lCkPUsXqV6gFQdBzJ1pJNyVFKBM2ocZTRfY7VY%2BIgNyeDKlzzGCH7WLdM5ePW8nfAgmzXiVjABVydV9ufmQNatFXufdq3ANRPKE5wSlgPEfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb2754c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Apr 2022 18:10:06 GMT
gazeta-express.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
8 KB
3 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/gazeta-express.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIgPUshVUv5O2BJoeuh0ZuG%2BWxjrTQr%2Bqqmc7PqImPLRTHrQyBpCrD39SqTGiNOjVx0SUalu5m3KEqHkT79MmHphgROUTbw1hCVk1SDefMIOaNdDi52cWljfAObB8cc6H71fz%2Fbt0ac%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2954c4-MAN
expires
Thu, 03 Mar 2022 04:22:56 GMT
facebook-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
604 B
919 B
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59jOP%2Bi1no1JBElLZgXkxkuBF%2FXfSGlDf3ULZ7%2BfSbSKqTiI%2FzDeOq6Oil1z%2B0F7Ex4BbgU1DhYGIbobv%2BjNsQ91XQe8qh%2BcD8MsfXE%2FWh0XvfLmK%2FD5IPiHA6KOa7pO%2Fs0osuQzJmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2a54c4-MAN
expires
Thu, 03 Mar 2022 02:06:43 GMT
twitter-logo-silhouette.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
850 B
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-logo-silhouette.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943490
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHL6knf2MKYRXnrUQP%2BIJJEpNRhprlyKsdIXxxa9L%2FK4grn%2F%2FaldyFhkZEQtmGiBf5pJpVUgfs7zSXWLmZN7R4eszDdsmXujCZ%2FRS8rV9IWi5dfqGEux17rvf9pbyR6%2BriUJwvufuxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2b54c4-MAN
expires
Wed, 02 Mar 2022 23:57:41 GMT
instagram-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
1007 B
1 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/instagram-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fF3axQG61OSrkM4dGJanjVdXR6FTtc1BoGBwtojk78LZzzuIq%2BCj%2Bolx%2BGls2fCQTv9nT8UqrekpK8HbYCYL8xeHlFJ0%2BViNa7bRGIeOaJwMn5zhWA47BCwelKDw47Tg%2B4IVgEu5Z4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2e54c4-MAN
expires
Wed, 02 Mar 2022 23:57:41 GMT
youtube-symbol.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
612 B
920 B
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/youtube-symbol.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qL2FkaU%2FQnm%2FiZ1%2BE%2FrWAGNL8ArtsKuUOP6VN1bGw91Far9V6acn9do3WSkg4NEa5gjkzJU1GDGLLEmAHa4AZHd%2FBH7%2F4RDUew5bPtsCeRpyqEcNGGsk8xr%2BE5eFCL4MsvYS7%2BcBWAc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6f19b961eb2f54c4-MAN
expires
Thu, 03 Mar 2022 04:22:56 GMT
logo-shkabaj.png
www.gazetaexpress.com/wp-content/themes/express6/assets/img/
8 KB
9 KB
Image
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/logo-shkabaj.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
age
1943490
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySqrXlUWPWdIwwU7xT%2FAZ4OdwwUBCxp3XqQ%2B0WZnjgtz5g%2BPIz8eTvjW%2BzJjHYvLl%2BunsBtTtzmY5bp91hbu%2BUYpK4Blcwz2wPXN3%2Bp5TPPgPPVzF%2Bv3IDtNxUxCTygVolziU93WEVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f19b961eb3254c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 13 Mar 2022 04:22:55 GMT
owl.carousel.min.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/
43 KB
12 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/owl.carousel.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9H8WJz5bhz2cm13rRsFkHI5R163LTKKtdxLPWZd%2BP1atspJ4QViRETze73KZkRRnD72rdl4NydPv5AuCbAOYdR5iEs3iRFDGeqFxpR6yoY4I4dpb8rt2q0bSnVol16PLKpy8%2Bmiszc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961ba8154c4-MAN
expires
Sun, 13 Mar 2022 04:25:47 GMT
main.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/
9 KB
2 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/main.js?v=1.0.9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=11722
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 24 Jul 2021 10:24:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHdeYiAPN7VvZy6Ls3hV77m07U9UbkNs3MCr%2Bmi9Hb9BxNWDd9fqBfnhnuDopTeydDIZZrTEuzvFy7V6vN3GVeEYja1cTMqXitmYUr7gLhStZNlTrbj8qQLFZVa6x%2BmKzqN0sYFuyOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961eaef54c4-MAN
expires
Sun, 13 Mar 2022 04:43:10 GMT
bundle.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/
2 KB
1 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/bundle.js?v=1.0.5
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=3713
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 16 Mar 2020 11:55:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuuAcPmjx6Uzvt0lNHziIQMkSgtDSEAduXa9P4axSHojWNMvY07ETtLbXTA2Mf3TBgy8EOvFakjNdfubSRSdszPE%2FlvoGJeX8ctZ5WGIl%2BXXvY2PriHMQfi4%2BgVkzs1bGMCtzBpBZEU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961eaf154c4-MAN
expires
Sun, 13 Mar 2022 05:58:44 GMT
mpp-frontend.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/
290 B
783 B
Script
General
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
cf-polished
origSize=331
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xHLSjdY48NppGQE5ENJHUpMGJdLiDO%2BgyR0tQ52CemIj6xbf1q2Iol7z6j64krh1m%2Bg6moM0OsPoZOfBYOrCeM55pD3xZtWwZATg%2B7yenBvTe8wFCfLqLBuct9DSw5cxRXQ1z6C%2B%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961eaf254c4-MAN
expires
Thu, 03 Mar 2022 06:14:46 GMT
wpFeatherlight.pkgd.min.js
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/
14 KB
6 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAhDo7aMyn8Krk5yCqOc%2Fp4koVnU7CLmE7dsSEERhormolPkyoEsU3lieb5HC2GfUkxTORz9P%2F1YiyIXmIuLxqj9asXhzPKlmog5EbCG5TQXR8u%2BkZdOQxpDrkZXe4lfsuuHrZycvoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961eaf554c4-MAN
expires
Sat, 12 Mar 2022 23:57:39 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mMy1UxoUx9kf6ljTidffzQ%2FTg4YO20W3r3Vw60u2Kz1a64rI9qBJWeJrjL7%2BK6cl%2FOiiMvPL90uBJuMJpsLx7MEqkommxQ9lzFt5IDJooeAGM464UEpNjtcE4jjaDPF8F4LMH9%2Ffjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961eaf954c4-MAN
expires
Sun, 13 Mar 2022 04:25:48 GMT
U-7Baa56EnJJkA-3VT33cT_3HbI.js
www.gazetaexpress.com/cdn-cgi/apps/body/
4 KB
2 KB
Script
General
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/body/U-7Baa56EnJJkA-3VT33cT_3HbI.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZYP4BEYMR1K8SKQQ
x-amz-id-2
qdg18V3FkG2pvD4ME+USTUJbIwfYDYXVZvrJ78Y4fRlv3GkMp+8kv5xiKrcPeWNgRvdgNP7Sv2s=
last-modified
Tue, 10 Nov 2020 13:59:34 GMT
server
cloudflare
etag
W/"a48224d294929710ccf63815c082d82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDX5O3cNfFhMNh5OO7wQQ0j1WE6CDtgHHrTfn3GfPohuViXXWO6wrEdg9aiZSSPVss7wDa5JzJYB1K7eu7fnYOYDoSjxtL%2BZ%2FBDlwpoe0MOfZs%2FHrPMtc5OMizgN9n7ofVoU%2F2OAxw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
OdY.zUSDblunDdofCPVQz2xapN1Ewriy
cf-ray
6f19b961eb3c54c4-MAN
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1607
date
Fri, 25 Mar 2022 18:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 25 Mar 2022 20:04:46 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/
4 KB
2 KB
Script
General
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 05 Mar 2022 07:54:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
1766247
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
CtMGlY7_MghFFHU4TaItOATFd3K9mKRgvxyjVCo8ON6a70vVGVOHSA==
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
i6L+jcxFKsDg1QLbwxxaR5IqVoGQBj/rZ7iXf90/dkqcBDqcwWi+IBFIjgDFFuA/nE+XoTK1maT1MEvaorMewg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 25 Mar 2022 18:31:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/mediaworks/
167 KB
24 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/mediaworks/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Wkc_rZlNQmNTCKBRxLriGeFlsoO3vY.7
content-encoding
gzip
etag
"0215be18ff91f9f8cf1f87561475194c"
age
37
x-cache
HIT
content-length
23804
x-amz-id-2
4jG7Chbmbu99n4OBg9mnQ91+eAQrOuT0w3kbwoXmHUepO5g0KrT+Hg/gw8Qf2YaS2Q79SDfDzEo=
x-served-by
cache-hhn4052-HHN
last-modified
Tue, 09 Feb 2021 14:13:22 GMT
server
AmazonS3
x-timer
S1648233093.495030,VS0,VE1
date
Fri, 25 Mar 2022 18:31:33 GMT
vary
Accept-Encoding
x-amz-request-id
9C5TJCXTW9V9Q9S6
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
1
teads-format.min.js
a.teads.tv/media/format/v3/
600 KB
132 KB
Script
General
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c540fdda5a880c854dfe598220503ea70b1a7cd6253236c55e01197f0fd471c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
last-modified
Thu, 24 Mar 2022 13:21:45 GMT
x-amz-request-id
BVF3QW8A76A0KERC
etag
"71453e8e790456927cdb84229047ec4c"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
d
accept-ranges
bytes
content-length
134063
x-amz-id-2
EUxyNzod11UQozINelhXBE8h/SUONNvwFxC52NK7RnWoRGFhrgIxFxe/8NV4kVmme9zMcrUsym4=
expires
Fri, 25 Mar 2022 19:01:33 GMT
wp-emoji-release.min.js
www.gazetaexpress.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1943491
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaGIVRcdsXlt8zz94vx2GZgSj0XEGrJLNb4ww%2BXhGfS%2BHkmk9ySLnNsyb6mqEwB67Sm3mLYO6lLb%2FpxIV0nodi6oH63sWNm2DRNOfBvskXffvBDTyG4cG8EdxPCwNamnRPf6dyDdTS8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6f19b961eb3f54c4-MAN
expires
Thu, 03 Mar 2022 04:22:56 GMT
Raleway-Bold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/
65 KB
65 KB
Font
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Bold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee01bd79e58c77dc4276a96fa5dcbe396c024538353c216894c5d6abcf2b6e1

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66240
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bfoix4y6OVhYsYe9GheeGcY2%2BcivDbODtoPU8%2Ftwyz%2FMNNBFRMLUCPOVR5bG7DJ6SqYpPUdr0MTWoxrA%2B9bVrsk5jOSLqBS0s9bi9AwaGXJJAFGGTZvI4I9KaCPaJJzNeXaT6OuaDQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b9622b6f54c4-MAN
expires
Wed, 12 May 2021 08:31:18 GMT
Raleway-Regular.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/
64 KB
65 KB
Font
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Regular.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65692
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ehm2zewiGqsSkIdWwpJnoQqalPv0mBZ%2Fzf8v91HHQjriL%2FdhWb8wOw6hBwvOES3xV70dVEVVS67Ddb1Lae8MmY9mdPdQ2NysxEwlfKJiwY9YZwdCtIVuTdLD33YHmX5CoDCLpxCUz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b9622b7254c4-MAN
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-SemiBold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/
65 KB
66 KB
Font
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-SemiBold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66524
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zt%2BvAV3fmF7wOAI5aD2%2B6H7caM5cF13HifiIOT45MJiPlM%2Be1cx9F74IvMVjC2ZFjI5jwnNk7qt3PTtfx3UkwqNHoS%2BNSLj50P6i0hToE95rpQAFgXSWRTZLcLgQJMAWljAJMls7n08%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b9622b7454c4-MAN
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Black.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/
63 KB
64 KB
Font
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Black.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64872
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7L4SGpJMSC35mDuolpR5ow5H0kcvDIEomQMN5xIMC9rTuCSPWxCMBZBzyrAm1F75UQOaTRJRPreVo6KkoTInXB8AEv0EYnylZLhzt6OQsTTi6wrogIkms38bDB7sOtK9MRkXIMxkO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b9622b7654c4-MAN
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Medium.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Medium.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65280
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uVDNhzIrT4Eln9TI8Djfz328ojdEEOQbpNNrAKVFuRA5%2Fd%2FK4p6JNh1VlspZFVVjPY7t75JOykslv%2BISx%2B%2FWPIcyun3v6067Fe%2BECMrSD4uq4ywFYWCka7fhHcURPQhA7nw2VLrb%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b9622b7a54c4-MAN
expires
Wed, 12 May 2021 08:31:20 GMT
atrk.gif
certify.alexametrics.com/
43 B
551 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&time=1648233093497&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&random_number=19112459998&sess_cookie=23259ab017fc25919779fc6e41d&sess_cookie_flag=1&user_cookie=23259ab017fc25919779fc6e41d&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 03:49:47 GMT
Via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
52907
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA6-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
mBI2PqloELzDqVsRN0M1ZCyURyMv-wY8S-UxHLRkQp25l3D79cSfow==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.20.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-20-240.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
server
Server
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1774774518&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ul=en-us&de=UTF-8&dt=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=647027385&gjid=594513624&cid=259260600.1648233094&tid=UA-6427330-1&_gid=499153274.1648233094&_r=1&_slc=1&z=800497914
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1774774518&t=event&_s=2&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ul=en-us&de=UTF-8&dt=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABBAAAAC~&jid=&gjid=&cid=259260600.1648233094&tid=UA-6427330-1&_gid=499153274.1648233094&z=1349352667
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 05:50:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45661
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gazetaexpress.com.1190148.es6.js
jsc.mgid.com/g/a/
237 KB
71 KB
Script
General
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435ce57b7e49b4625586fd7fd96c73611899225a53c82e316349fdb77dfd831b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
4001
last-modified
Tue, 22 Mar 2022 09:17:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FY0YVKER8Y41H2TH
x-amz-id-2
oYHRjvPaDfL/tgk6Xj+vlNUEn4BVf3c+5Raz5bJPuLoRtolUndDqs7ehYwUGPgGt7dVtUenbVgo=
cf-bgj
minify
server
cloudflare
etag
W/"a5957bb0fcce51d3aa748062c1bcb6fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f19b962cdc89bc2-FRA
expires
Fri, 25 Mar 2022 21:31:33 GMT
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/
365 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 15:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Mar 2023 15:50:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
82 B
103 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c31b2375744708f38933b2cb26263a36bb9c254ba30d3d669953136ffd70dbe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78
x-xss-protection
0
expires
Fri, 25 Mar 2022 18:31:33 GMT
gazetaexpress.com.1002277.es6.js
jsc.mgid.com/g/a/
257 KB
73 KB
Script
General
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f1a3827eaff0b8b11a96a873a89f03dce094fadc3d825e7ad74b040eb6753d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
cf-cache-status
HIT
age
4000
last-modified
Tue, 22 Mar 2022 09:16:14 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XK8BEBJ1TBGDZ1E8
x-amz-id-2
RrDnF0YTlALX13FXjr0wbBJkiKtSzWlqt391wVAVlVIP4dHaUN5gaWUyMF9mNJmTPzby3B7Y9wQ=
cf-bgj
minify
server
cloudflare
etag
W/"0d2aea685e49aa675e49b42ced23421a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f19b962cdca9bc2-FRA
expires
Fri, 25 Mar 2022 21:31:33 GMT
260200548443713
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/260200548443713?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5bfc9d681398233b7ea9d711c1c7c13bfff2e0333451c4d2bad846fc8ccd73d6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89119
x-xss-protection
0
pragma
public
x-fb-debug
UqT4W5KfGz48XwmLnubIhWEu9nhtWa3KDlv8i+5K3VBKiUCy8zSAnqaVr2aFEicfsrVbFAqXEeIBAIQdjG1T5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 25 Mar 2022 18:31:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6427330-1&cid=259260600.1648233094&jid=647027385&gjid=594513624&_gid=499153274.1648233094&_u=IGBACEAABAAAAC~&z=874969955
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 25 Mar 2022 18:31:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20210208-11-RELEASE.js
cdn.taboola.com/libtrc/
461 KB
107 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210208-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mediaworks/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
KnSm.W0xbjxKdbzJlmXotguv.ic.uOsY
content-encoding
br
etag
"a91756933e089626a1d0a3de71a9f830"
fastly-original-body-size
108763
age
25878
x-cache
HIT
content-length
108763
x-amz-id-2
GKaVQjXUiyPJn9A12snxsO/10Dk74mWrNKf4+pvLY3gL5IO6cUecWDz1F5WlQSwWPJ3YtJcz3dQ=
x-served-by
cache-hhn4052-HHN
last-modified
Mon, 08 Feb 2021 10:37:31 GMT
server
AmazonS3-br
x-timer
S1648233094.646854,VS0,VE1
date
Fri, 25 Mar 2022 18:31:33 GMT
vary
Accept-Encoding
x-amz-request-id
QMFPXQR6FCQXT02V
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
1
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/
297 KB
107 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e8f0f5ca5d5b55140671695909b35920222f2b67297d9c0651bbfacf530350c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109448
x-xss-protection
0
server
cafe
etag
1996592251211372810
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 18:31:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame 126C
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Fri, 25 Mar 2022 14:18:28 GMT
expires
Fri, 08 Apr 2022 14:18:28 GMT
cache-control
public, max-age=1209600
age
15185
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 25 Mar 2022 18:31:33 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
183 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/
18 B
319 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=71422890813
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/
94 B
750 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
081b983483170e65eaeb26f1b0d97126e37c928132031d1ee0823c54f9691025

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 25 Mar 2022 18:31:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
openrtb
adx.adform.net/adx/
0
413 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/
35 KB
11 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
becbabf5f70b065cac3dc3fcff12ca7eb75fd8426c7c3b295154d434588b5dab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 25 Mar 2022 18:31:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ed0ac302-3950-4743-93fe-7cdcbff6c5ac
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/
0
163 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=3000&ts=1648233093746&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=55&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=6fd284b1-bc99-4949-bf46-dd0ce3b57ed6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6627825291142408
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f41707ebcc62a651749443fb9dd1e7a86f49ae52a87974487a0aa268d65c88fe

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=15&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=edfd33bf-4aec-4b23-a0a5-48ead42573c6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6956950238624766
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a1af5ad071f96fa1d97a3b01321fffea2bd1166c794b00108d3b0d9da819d172

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:33 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
track
t.teads.tv/
23 B
113 B
Image
General
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=cb67426d-2361-4ffa-a1cc-da4badad5273&pageId=76285&pid=82609&debug_metadata=WxedtNHAmS&fv=1018&ts=1648233093766&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=cb67426d-2361-4ffa-a1cc-da4badad5273&pageId=76285&pid=82609&slot=native&fv=1018&ts=1648233093774&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.75 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/76285/
537 B
574 B
XHR
General
Full URL
https://a.teads.tv/page/76285/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&page=%7B%22id%22%3A76285%2C%22placements%22%3A%5B%7B%22id%22%3A82609%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A824%2C%22height%22%3A464%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=cb67426d-2361-4ffa-a1cc-da4badad5273&formatVersion=1018&env=js-web&netBw=10&ttfb=226
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84194c6e837aee55404ce102ce769b16bba4be4eaae4766657162bc67319576a

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
363
expires
Fri, 25 Mar 2022 18:31:33 GMT
asyncspc.php
ads.gazetaexpress.com/www/delivery/
689 B
1 KB
XHR
General
Full URL
https://ads.gazetaexpress.com/www/delivery/asyncspc.php?zones=30&prefix=revive-0-&loc=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0a00e1e07b86913a50e0fbdc4784aba61bb99b50e6c54d0882a6383f9a21dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNpZ7ffp%2Fsdh2ApvAX9eHWxpC%2BOATqpCmGVc2oIDr4%2BwCiWUj6tw8Vyu6YsTrV0vqYKoZEmoTiK%2BCeXA1t53ZhaOPyy6jkldWOUWJC618%2F4flRk9O5l%2FlstZJEDR59kLEugbiDu%2FQo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6f19b964481054c4-MAN
expires
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=259260600.1648233094&jid=647027385&_u=IGBACEAABAAAAC~&z=114717475
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=259260600.1648233094&jid=647027385&_u=IGBACEAABAAAAC~&z=114717475
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/
20 KB
7 KB
Other
General
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c946e1c5809576bf156031ff5186116776cd23c032266aeca9067dcfd0771d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pegswNk58unuT0dR4cPSk%2Bn4OchHd5AnsWRMxsoTlmCz7uPeG1Y2BWNp0QOugPCPxM0A2TfyaXsF3%2BX3JAYv3OblKnX8bySUL3I6szacZzGPWuz3BYIgbvGr0Teeflxl6avsd9hEVfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6f19b964888154c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
projectagora.min.js
aghtag.tech/libs/
277 KB
82 KB
Script
General
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: agorahtag.tech
URL: https://agorahtag.tech/c/gazetaexpress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e700bddd1405ed9feb6cca2523254b13b0bc2191f0728170099746792e7caa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5172
cf-ray
6f19b964fc925fd1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82685
x-amz-id-2
7nP0qlbwDEw4y6+TEey7mF1qyZ78H9tKll9WwvVIOOnHpSdGh9V85u7S77Lofe0dXOcL//Z/dw8=
last-modified
Tue, 22 Feb 2022 14:51:02 GMT
server
cloudflare
etag
"bb5843fcf1d36f23d43ddf1e00f66ab5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFRt%2BNtJuVMU1KSb3WKu%2B0DlZjzeEsqHXdTIfUMwIBxn1T8MXdS1m9UQmE1Ocwye%2BO9s1JiSQND8iESmOrUFa54SvMJYwPsHfCF41wAJAWZp4DkjssSVSCXheFAo%2BhhZ8lBaAD2Gq15TOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
0G7Y8W0XENR0SVJX
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
/
ads.projectagoraservices.com/ Frame 3954
3 KB
1 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Fri, 25 Mar 2022 18:31:33 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame 3954
43 B
821 B
Image
General
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=8&campaignid=3&zoneid=30&loc=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&cb=59ba140ff9
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u65q6mIFMhQLhSSFEIRQlP%2B6FtinjrlQ1VX7TB2f4LESqm3XftkypAjwhzJ8thh0rfX7Xk7v3uWS6IBFjQyBUOp7hPJXJOBkogtHweK1whJS%2F21%2Fs9UaxVbc1FnHFmZ4TVHrnYF0Gzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f19b964d92954c4-MAN
expires
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1774774518&t=pageview&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ul=en-us&de=UTF-8&dt=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACEABBAAAAC~&jid=&gjid=&cid=259260600.1648233094&tid=UA-6427330-1&_gid=499153274.1648233094&z=337041702
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 05:50:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45661
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=260200548443713&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&rl=&if=false&ts=1648233093914&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648233093912.990862561&it=1648233093589&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 25 Mar 2022 18:31:33 GMT
cookie.js
partner.googleadservices.com/gampad/
221 B
418 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.gazetaexpress.com&callback=_gfp_s_&client=ca-pub-4665846415960239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
97ad3d46b56aebe0f14ba3f120b2bea87f715585a61b19a193fd3e94fde715ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 07E1
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1648233093&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648233093699&bpp=3&bdt=454&idt=262&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1911826339242&frm=20&pv=2&ga_vid=259260600.1648233094&ga_sid=1648233094&ga_hid=1774774518&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066434%2C31060566%2C31063246&oid=2&pvsid=767084410462239&pem=418&tmod=1633614420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Mar 2022 18:31:34 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
865 B
291 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=767084410462239&correlator=269781270615956&eid=31060837%2C31065783%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=74207979%2Cadxp_ge_sticky%2Cadxp_ge_in-article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C320x100%7C320x50%7C970x90%7C250x250%7C300x250%7C336x280%2C300x600%7C320x100%7C320x50%7C250x250%7C336x280%7C300x250&ifi=2&adks=1438139209%2C1243139692&sfv=1-0-38&ecs=20220325&fsapi=false&prev_scp=hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D970x90%26hb_pb_oftmedia%3D0.00%26hb_adid_oftmedia%3D23395af53d283dd%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.00%26hb_adid%3D23395af53d283dd%26hb_bidder%3Doftmedia%7Chb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.00%26hb_adid_oftmedia%3D24f065f8b2abaca%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D24f065f8b2abaca%26hb_bidder%3Doftmedia&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1648233094001&lmt=1648233094&dlt=1648233093245&idt=591&biw=1600&bih=1200&adxs=436%2C531&adys=1150%2C1835&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1%7C824x50&msz=728x-1%7C824x50&fws=516%2C4&ohw=1600%2C1600&ga_vid=259260600.1648233094&ga_sid=1648233094&ga_hid=1774774518&ga_fc=true&btvi=0%7C1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7282309b5829bb33abe6dfc6a9ff19c6f4c235212445314c41da920984d0f636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1f9afd595932b731caa96c0be85f1c84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 243C
6 KB
4 KB
Document
General
Full URL
https://1f9afd595932b731caa96c0be85f1c84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 25 Mar 2022 18:31:34 GMT
expires
Sat, 25 Mar 2023 18:31:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 3954
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
zhJnpaRdaZlV7SsdlSy0yejd5SaKIpZScf333wouCJlMcPB3Gnxns_PXL6EXJXdHt8IALTOMH6V61Y4b8hln7hEOVcL7wkZHtRisJfynFJDJLWgMth1UgFf8FtIzfo50YvoxyjnkIx1oMRsxc2wBpLNBVFmroET6j0fl8iUDZxYD1EXVEYqC8iDsjXznGj6Aj_0bp...
serv431.com/
891 B
1 KB
XHR
General
Full URL
https://serv431.com/zhJnpaRdaZlV7SsdlSy0yejd5SaKIpZScf333wouCJlMcPB3Gnxns_PXL6EXJXdHt8IALTOMH6V61Y4b8hln7hEOVcL7wkZHtRisJfynFJDJLWgMth1UgFf8FtIzfo50YvoxyjnkIx1oMRsxc2wBpLNBVFmroET6j0fl8iUDZxYD1EXVEYqC8iDsjXznGj6Aj_0bperSQuKEMpRuVZpx4nBGsYBzw_S-mV3bNTTy3qWF_lcizDA5xflJw95RREUS1GD0IcJszUtVULfKLqTmNgTJ7WktGfssCVwl5BHwsyn7Ci9TVUfeU1WEwy17TL58iakEgxkH7lpk1n26VkQuaSKApqS2eXUFGch_ov-ePvnc3Eo8MS0P321k_eAIA7lx6q-cqwtPCQRd-F3DR7tVA2-KEnm0nojEEFXmo8gmCx49n3SgX-jLtJNCoBXjxjtEOJ--gIayfKUeIeXJkiQMDLI6Sk81tj-CaOCkfGRpn5fyIn0tLgJjs9xFpyB1pID2URg4_czptr_kh6ON1__4VErCJuRJfjAJGdNSJpd1EsK6KdE8y5c7pyRM?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
cd8ce51768e2f2754661ece5e58ddb3d65336635955adfbe2a198dc05be42acf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
891
expires
0
zdTplhdYqoMVe0E2rKol0J117_x5HrM_uE-X0rahW89Dt0Sc3XwEifRwOSY8NyleyVxOEg0l99j0NYxl-or3SBB7g9VUYjnd6sFHNC8ah_lh9zsPagDbOEpOU07wfO8D6WAhLzrkvHYtwvJ-zv_I2ZcLhsk1KDRRiI60pbAvzPdxED_Y7lGiCSW1ZKt8xIROnZZ9r...
serv431.com/
907 B
1 KB
XHR
General
Full URL
https://serv431.com/zdTplhdYqoMVe0E2rKol0J117_x5HrM_uE-X0rahW89Dt0Sc3XwEifRwOSY8NyleyVxOEg0l99j0NYxl-or3SBB7g9VUYjnd6sFHNC8ah_lh9zsPagDbOEpOU07wfO8D6WAhLzrkvHYtwvJ-zv_I2ZcLhsk1KDRRiI60pbAvzPdxED_Y7lGiCSW1ZKt8xIROnZZ9rDLI9uU44pJOfM5Vx0ZOqBBAXWHPevgvaUU-zHbBZocK2t4AWjQQUrC_zJHJm4H48R8XDOZR9CPUb2pGfKkXsHxh-Vylk80A9z4NCqfuo5dZ16O81F30MPaHZ2lNfwfeSFWLbkYElUuK0fHO8CKbXOX8Bkl7AKD5LOs5e-EMJqHXRqwY11b7CmAAlzMArWqnXkRYQ3RP03oPvJ-yGlevsWJnd_Sbz7SIAXhGvmg7tVasP5ZRx45U_fx2W-pt3eWS6cHSogQhlNu0F1AnhJ9rVkB7CZ9zyzMPjgXbeWGPqOY4z5ojTtIcFH51GofdHszL4TyuoJhi0_1GZ556Zb0ipD8mCSAhFBzsvxl4NNPFfckw0v8WyzxQ?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
c744c5b10a1f60d384e429ac01f1172981b1faedf3007fc80cd9437022e154d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
907
expires
0
zDun1TDWB8QO8N_FAwOUKteKic9n-tYQMkLFskliAgIylF823wM4dqR9bkX5D5XvPTNYHFvFFPigVlPCp6cznRCgnhYF-N1cW6-NzzlxKDsa3WnwvXQFxC2VsxUWu5DU-Y8HxLMBxR_4e2Y7AW96UqEB216qg8sW88ulEjFp86OuiwlGKEdYNsbNw-aOCtX_NFjkU...
serv431.com/
893 B
1 KB
XHR
General
Full URL
https://serv431.com/zDun1TDWB8QO8N_FAwOUKteKic9n-tYQMkLFskliAgIylF823wM4dqR9bkX5D5XvPTNYHFvFFPigVlPCp6cznRCgnhYF-N1cW6-NzzlxKDsa3WnwvXQFxC2VsxUWu5DU-Y8HxLMBxR_4e2Y7AW96UqEB216qg8sW88ulEjFp86OuiwlGKEdYNsbNw-aOCtX_NFjkUbzmMSTRaDTBzxSHN-gXomRxv6se_dHN6rWeIEqCkgpYwI5i0NUAASSLGJpwx6WhV7HU0vMYIt_1O9RWIN6O4beITCCM4DMo4q2vBDO2bTu5Wv6olQvSMgK-MoAbHKzLhV4i-lnoSjsb42nnibQu5DHiJXdV4KQeRjZOgozpt98n-oAMA36zHsUSdEp2QtdW9zs7vj2TOHDrtZ_0jGYTuKLORwkyjiEFlYhWrlN1ka69FlSvjVgJZuSBBFy1V5jx53z4PiA4Z849_EdkiPd0PKfwH67zOfo_UBYZmkFAkIqqqCWFsryKaueBBQxu18xwADXv2IAQ3xDODaqir2sRqGC7CfSsqht4qKUXMpKRlIkgz55fnyBU?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
1ae88d1d58c142032f5aa462cfdb03201713bfd0267ae12b853b1045c9c561e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
893
expires
0
z7rMChIu6_-CK9KDlt4ZJDCKWOcvBp6qrK_ZdXTmvF96NhGRXbrA9jv19V2GL6rIjfkgbf9zjdQCCYhDfV8FJO4KRjgk6BTAmFjEcvpm55s9H3q9Eb5zbJHeKfQS5tVu7orOv3zuVEqVyC0kRBbONw5p21RCYBbdkoml3Hv9OkcDZ75atkAZpHQ_DYGoxVk63xJsP...
serv431.com/
850 B
1 KB
XHR
General
Full URL
https://serv431.com/z7rMChIu6_-CK9KDlt4ZJDCKWOcvBp6qrK_ZdXTmvF96NhGRXbrA9jv19V2GL6rIjfkgbf9zjdQCCYhDfV8FJO4KRjgk6BTAmFjEcvpm55s9H3q9Eb5zbJHeKfQS5tVu7orOv3zuVEqVyC0kRBbONw5p21RCYBbdkoml3Hv9OkcDZ75atkAZpHQ_DYGoxVk63xJsPGYEt9_Zh3dytDqRbOgFmAYfI73rCmpdaGB_bdZ_splGlfebp7A935VPq-xvG9jDnyQNB6SVH3U_lDIYFdL3FTLkp4yie4jMJECzQeLtAnzXY42jjfSfGvSirPO8uMOJVOf30ZrX-XLTDQeZ1b4XdI14QqQechk3jSrrcX9HxO4U7pyGzM3Rz0C1jUPSlK8gDdlkVGxYBz0zofuR55OiIyaS7oFBe8_fxQ7MoIR-21El1LBI4Un2HffFebkcicCzlF8JhqC1_Ur38Unb3IcNDog0vb8i7T6VJP651T3erJ3j8HD3WjbHYU0_fCdfWWC9oIt3Q9duPBOtmu-a3yHdhNhsuyGczPqq6BILaFmyLdR03tMayzk8?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4ce720eb55b3a5c0f94ea3778f758e5ebcfc03080723268d8c22c7752184e3a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
850
expires
0
z1bB3s-reOXhK3GOSVhIblwhVMeJoA4roEooL2-21tsd2FpDrNwGKMum5SuWL-hDazH-mFvyxpiLc2H_UEM41YfjktevTRdBQ6BPvXzdbEttMAnH13bOD4f4lKfkWqnCzYhGVk-2E_2uc24aZTlO6i_4q018uyQJ0J7ltTSdqNpGDYI_ZPrxOelhr4alZzC5vJU5F...
serv431.com/
935 B
1 KB
XHR
General
Full URL
https://serv431.com/z1bB3s-reOXhK3GOSVhIblwhVMeJoA4roEooL2-21tsd2FpDrNwGKMum5SuWL-hDazH-mFvyxpiLc2H_UEM41YfjktevTRdBQ6BPvXzdbEttMAnH13bOD4f4lKfkWqnCzYhGVk-2E_2uc24aZTlO6i_4q018uyQJ0J7ltTSdqNpGDYI_ZPrxOelhr4alZzC5vJU5FJkWXFzAdtkGNIllOcne5QFdFjeUBtDl4bGWMB3kRXRMFFAybu6Z8RBlGqoXVQTWe7InDHPyhxg3FsksFpEQf_M9H2xvst7XTLE2qr5Zf8QvhNUGBXtAaVpxglG2skr_h-FThIDhbgoOLzplLjlXEq8yl-s6pwPWR5CPzvTvmPe189YfD_ley6f4uyx6MnqJJPe04t6GwhE-fx0K1lJlDtsrp_eHM-xksC4Lv2ZLdnj8qJb3uNHP3HZQoHXjCPAynZONsZd4oqeAIzNWzNCfe4snPPw6E4NRYi0cDdQFaKHSkfkG0knK193HUNfgwfPbDGVa3bBAHfuzxhqMQFgfiImKl6KJ8mrHL2NeUuetQI0Q3tJLnmxA?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
6794f75867a7a053638fd07475d3fe5e2b6eac23e151c0a832d6f251443a0b98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
935
expires
0
zjeHQf78tSG-p7KBzscDWI18OCpnlsh7Ewfvj2g_tpAky86bDfFpZd3RPJWDolUyWVcNnKBPillUFLoDnfWTdbdP9zzyExgJSbYhrQR-SpryRq4TIbfe_hjSWqvSQTnlnMOeS8N-wDBoKJzPDT-s9z4CfRL1wW-1pyAyrpqoBfHMebrYU_mt8F-BKYuVY7lhIzyvw...
serv431.com/
905 B
1 KB
XHR
General
Full URL
https://serv431.com/zjeHQf78tSG-p7KBzscDWI18OCpnlsh7Ewfvj2g_tpAky86bDfFpZd3RPJWDolUyWVcNnKBPillUFLoDnfWTdbdP9zzyExgJSbYhrQR-SpryRq4TIbfe_hjSWqvSQTnlnMOeS8N-wDBoKJzPDT-s9z4CfRL1wW-1pyAyrpqoBfHMebrYU_mt8F-BKYuVY7lhIzyvw54w_HfFAgezcNHOVLxfTEvdDKJmtnnfvsBwP67Y2TXPWRDH-SoWakEsKX__86-ixI2RBLMhMMWt3ZI0v33JQFrIizERhsQMwjTBPESu8CMQXehEhQp9ud4k23DXqGpK6mAPTZDieNcrSlkpcCUbS5vUMKll18a6C3XVMKru_juHT_-tsitcVyA0G6vnWCmTKz4Rehgef066V6PDHJmImKHMbGdR0ht2u86XCCRHUU5ykdDCBbRST8Kvn-RlsByfQHLmN5AwzfQBZAC4l5aCJ5eQfvYMcKvYwa-wO1kxqEPvnwuy64opULMSY4mkipVfNlw-PAknMFBvEuKLzftWKPgOCQnGK3-RkXrU2WLXkfkpgtcblwUM?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
3d2980f2f39d5ad260db8f98d1fee29b964c45f6362443c2cdde99bb08699892

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
905
expires
0
zgI1G-FofA4kKDJO-XDkyydcOo3-r13cOSmkvzQfSbF6cLKeXRmhRvif_aijNWx9v15YhP7MopRFbFyqMIo3g_FHfualbsxZesvfSigMHF-1QPQmOGiapzWInNpzB3n5sjVormHKbXgM6Xie8KXSsAK-ryhVzitjUXHbQHkQwcMiMc1zeciHN5J5yt-cnWC1l6Q1a...
serv431.com/
870 B
1 KB
XHR
General
Full URL
https://serv431.com/zgI1G-FofA4kKDJO-XDkyydcOo3-r13cOSmkvzQfSbF6cLKeXRmhRvif_aijNWx9v15YhP7MopRFbFyqMIo3g_FHfualbsxZesvfSigMHF-1QPQmOGiapzWInNpzB3n5sjVormHKbXgM6Xie8KXSsAK-ryhVzitjUXHbQHkQwcMiMc1zeciHN5J5yt-cnWC1l6Q1aezxMbugv4ke2Sseqfqk6otoPH8ab8jHN4vDxTzvqtMTZlifH7tDNxvDgqzt6Scm7xED2O2o3nvm9bqMpBBbemkgiGj7Oup4WGlO3UsjEWFnRslJqKi6123rUHLS8k2Q3RiQEkzZiA4luRmOgTknFO6n7-te-Q8gaS7cDIeUa3Xg9U6vAIpRN6C96VUXhJfyu5ThYZgeC0pJr3FIe-mVnygOd5FDgQHdJGFpTweqxsdOJd_f1SPlkATIt9vxQuXOV8C6Oszm4twkn8JbTDinIMtPZkzeZ8T39LLriRsfgPvJ3kIrq6j1HveK03JFIAa9GlOmjo0xn_Em0tq6nnPLT29-_Nouh_XevZ3mXO9vpfkw1s8PlmUc?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
7929edf6b6b8be0c5686eadf041e911e50040e15a0fbf3349a6e649692c715b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
870
expires
0
6f19b95f786f362e
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/cv/result/
2 B
692 B
XHR
General
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/cv/result/6f19b95f786f362e
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1648231200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f19b967ff1854c4-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgaPxqeIYjpRofx4%2BqEa8p7yMwFccW3PkC1LgNqlniaPEHZSWy2jfLHMgGMACGVUHxokh%2BgfUeaKIn8qOQggAGG1Rfl2hjoAN%2F2%2BKZgQLoUspiazuLCZvHycuV2BGRpXznRg5O7lCLg%3D"}],"group":"cf-nel","max_age":604800}
/
ads.projectagoraservices.com/ Frame 46CD
4 KB
2 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Fri, 25 Mar 2022 18:31:34 GMT
zVaIs6Ik_lIhnrJYGgkZ3AzAxJUyRFBtJ3YaukUiQu1jWUMq_8Dgml2yWx1Ztjw71MfsmDphoUsv83j_sXhEXNIpaYae8z24nUzRnIxs9X0rKhxwqAnHFTlF_rV9_OIM35WXZ2I73GVNDEadqEUztj6nq-MC5bQmFyd13xiN0w4uncy2Dv5O_MPaMypLdqRCoxC_h...
serv431.com/ Frame 46CD
43 B
510 B
Image
General
Full URL
https://serv431.com/zVaIs6Ik_lIhnrJYGgkZ3AzAxJUyRFBtJ3YaukUiQu1jWUMq_8Dgml2yWx1Ztjw71MfsmDphoUsv83j_sXhEXNIpaYae8z24nUzRnIxs9X0rKhxwqAnHFTlF_rV9_OIM35WXZ2I73GVNDEadqEUztj6nq-MC5bQmFyd13xiN0w4uncy2Dv5O_MPaMypLdqRCoxC_hOLRvAL_7nMOj2xHMqOQxjaT31IMejzILfoPugOCoyT4pKR4RiuZ50zEiN-nc1k2-OpdSAA35FQfF5efjPXZC_5nVLjTU0BxJTM5shVmZAvqLpQpsYzwllcuGzvi-5rTXyUnZiGr3NvTA1LSk4lrReGh6ULy9B4HONPXsDLPkrs_v2Wqbb2KgxwuycqM9vbl1ao8kqZXWpLrqIykPrsbTg4dq0uDirqme?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame F4A3
4 KB
2 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Fri, 25 Mar 2022 18:31:34 GMT
zYXpEV_3DXxWjBKrFfHl5fuTGrMYmj6SM5Hf7ieb_-u77d_I4rTGd0QrY_6HCUQePT1PJmB9y84uBLXKwka2sEYs-2rxuyMO2pG-3eX7AbccVDftptOVg8mmfSQrQnctmKYYOZiYYFcNyKs1tjL7GUE6DKnzuA21GJxqJpkq_EtRlA8Rj8p1ig4xBvFHbKbnhZXIV...
serv431.com/ Frame F4A3
43 B
510 B
Image
General
Full URL
https://serv431.com/zYXpEV_3DXxWjBKrFfHl5fuTGrMYmj6SM5Hf7ieb_-u77d_I4rTGd0QrY_6HCUQePT1PJmB9y84uBLXKwka2sEYs-2rxuyMO2pG-3eX7AbccVDftptOVg8mmfSQrQnctmKYYOZiYYFcNyKs1tjL7GUE6DKnzuA21GJxqJpkq_EtRlA8Rj8p1ig4xBvFHbKbnhZXIV_b9TGF_dj-jGZybU7bXxVBb5ckSEmrDguh9HBBeSj0BSdT0ZHYeszHb6TYjdg54bHorsOX2bOx6O2uJ8BbrT6RqWharfXJMfW5IBJ7NvVFsVeuEA7cARK2WiwtpDjgYHSSJ7uRDKJw9s-35yOuJC7aF-BmCqKL77QshwDv6T7FMjiZdN8v9OALYdom2gw1HfTRFcEkCUmxOoWBe1j3AdC453kx_PHHYL?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pv
bisko.gjirafa.com/
68 B
929 B
Image
General
Full URL
https://bisko.gjirafa.com/pv?t=1648233094400&guid=aa27078834024bf5b4fb936cd4e10f0c53f24c2a5a0345bd8c42317c2877a9f1&sd=d8179d65f8784d9290f79d99aad326cc&c=%5B%5D&tg=%5B%5D&tt=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&u=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&r=&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7sakZFgCMShmYBQ517W7FTmlk%2FlrsfqxIoNrgXYema7vLmJyW2PV7uxB8KkX2gQ3kGrdsAJ4TPYoQWxJ8xxJTicxPgOnIbjD0URC%2BvlXD2EGKMriQd7OKStLTwRtU5PHnW6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6f19b968297f9b45-FRA
content-length
68
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 3954
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 46CD
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame F4A3
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
/
www.facebook.com/tr/ Frame BDA8
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.gazetaexpress.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
date
Fri, 25 Mar 2022 18:31:34 GMT
gazetaexpress.com.1000638.js
jsc.mgid.com/g/a/ Frame 79F3
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.js
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c7061e855dc8bb94b83bbc3782081062211d93dd30c5a362a5dacf18cdd9bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
age
729
last-modified
Tue, 08 Mar 2022 15:07:28 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BA3RSA57QC7V3ND5
x-amz-id-2
LbyYaFqUwOvf3WjvX3+F6kpSgZdJopRPrq8KEZiNsRfTwfXYunE9efWjsMb1iV1X2K1/K29Myg8=
cf-bgj
minify
server
cloudflare
etag
W/"b21d61fdd8ff6ef018fb5e92dd1b1421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f19b9684bf59bc2-FRA
expires
Fri, 25 Mar 2022 21:31:34 GMT
z_InxAudApKTErqlaGqjUoEbqp8aX8qbdJOUB_Ew4CyzjuO-PcCQsqJLYwzDXiVLsJIvxz3YXvfONgqgpaTH4SnJoJq-NnuJjjXZnl5NqgURW8Swa6V9FFNELpynTVWPa-9a9z3c-vdppAXvVcgAQNw0cRhFlRangbBEsyA5tvYVQ8d0ZZm_QEjg9ASbmlOUZVZAG...
serv431.com/ Frame 79F3
43 B
511 B
Image
General
Full URL
https://serv431.com/z_InxAudApKTErqlaGqjUoEbqp8aX8qbdJOUB_Ew4CyzjuO-PcCQsqJLYwzDXiVLsJIvxz3YXvfONgqgpaTH4SnJoJq-NnuJjjXZnl5NqgURW8Swa6V9FFNELpynTVWPa-9a9z3c-vdppAXvVcgAQNw0cRhFlRangbBEsyA5tvYVQ8d0ZZm_QEjg9ASbmlOUZVZAGnyHB0niLiyC7E6ykp9soreNrE0RX1mmAzRMx9iQYUdxlhTe0UytQF2aPKAC3xiyiDE2Iuj2pycKSQdgUCbACAyavSKpJp1cAlOJwaqPRuAXEyUXSR80Uy7ua3Ek3UoZPIPq0l4tbPkTjy_6V4A0Q12XEfJG7ISMwbq7yMcjnkzA9lvrQUAd5ZI3u0aZhDCGp83lzy1p6Ko43n9V0hHI3yiugNF_v6UiMb5w?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame B783
3 KB
1 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Fri, 25 Mar 2022 18:31:34 GMT
z9l-UUjpdCQ7DSUsAI4K0Wac-i64hM4PbASe09SdUgEg8ZqCXgfshBDWhj-5wjOzPdbj9u5q3Dqr9IsaLdj5DgpCV2gwpfYNIK3ys4F3xSAzH0XEhQbVlZxM6J9eG18Y7_hstLWDEsDL9KPAFB1wLRLv_9gF6b-54iUSAfkSDaIBwaydr1BrGP-qhOGupGnfp9CLL...
serv431.com/ Frame B783
43 B
510 B
Image
General
Full URL
https://serv431.com/z9l-UUjpdCQ7DSUsAI4K0Wac-i64hM4PbASe09SdUgEg8ZqCXgfshBDWhj-5wjOzPdbj9u5q3Dqr9IsaLdj5DgpCV2gwpfYNIK3ys4F3xSAzH0XEhQbVlZxM6J9eG18Y7_hstLWDEsDL9KPAFB1wLRLv_9gF6b-54iUSAfkSDaIBwaydr1BrGP-qhOGupGnfp9CLL7YnhNkGPL6HCrX6Pu5oh1exby5S4B4fKF17ulEiZYyIabtIbV6KDdcn76YwqYHRw4Puao5wcyCo-7ckL8tmXoLfBrPdt2aQVkFDFRQmpOvATNAvk_LfJnYleK_2ohI2wxK1TMk_YjGg_1npnW3UJ9H25eL8M9FFdzIY3OIztbFNQtnVPFIeDSRQPRpt4sEtIpSyleZETzGxPrvE6jsVzU8EpDVEJYk1zKQ?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 12E9
4 KB
2 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=6751
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b18983695372f4a79f7f99b514ffefaf9ff8f1bc359bc8ce59ee024638145c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1420
expires
Fri, 25 Mar 2022 18:31:34 GMT
zi07yS_5B-9Hwfyqq-odCdOrmdJwuxTljvCCqPiTluhVvp7W8faQCCoh2EXEliKmRCvo_frVj-c0umeraYxkUQimba5FHZ1SctioGa_8CFs-eVpdJoKSBZnAdxCwKhL7jqrSlwLDJXKuiPjCHfd_z-sWERy94Da-7wV4HVS-LGR7qhRONwgC-uHBUldh28_uw3i9E...
serv431.com/ Frame 12E9
43 B
510 B
Image
General
Full URL
https://serv431.com/zi07yS_5B-9Hwfyqq-odCdOrmdJwuxTljvCCqPiTluhVvp7W8faQCCoh2EXEliKmRCvo_frVj-c0umeraYxkUQimba5FHZ1SctioGa_8CFs-eVpdJoKSBZnAdxCwKhL7jqrSlwLDJXKuiPjCHfd_z-sWERy94Da-7wV4HVS-LGR7qhRONwgC-uHBUldh28_uw3i9EzOJZ0RznsnjtagCJKkdEQrybCSMJNgQ9q_APh5_DhTfHPIzZur6vg4DlTnwLd9WjqyQWvnL7bvNsrBc88qt525xngT4eiAP_t834nf9PQ5_G8RUNXenWEcPydTQnFnfIYF5sNb1YpIotFRfTUVL7nVsINHKZLltimIkq8kQK6xGd22WgSGlhBbI-2aF9C4h1IJbj_7cK1J0tMFThYo3QFOKOUVOkmdgIMw?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 593B
13 KB
4 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c45153bd359a06f9460d3b24361bcced7f49b0324b7937c6849df4ce55ad4961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4114
expires
Fri, 25 Mar 2022 18:31:34 GMT
zFq2xb_GKuyEDAwZayz_JiUDvuiKLqF7nQ3SCoxRp9cIWcFTepvrOTU_-J_CrQdI6SQ4uRj5_kcj9hZSKoZm5fqjNvmtiEahz95iK67rDbQFz092wWxpPfsJ8nM8aeMDbxX00Rdi93XMf7BPz8JheqednxhF4v8LsG9T99AWVXHU1Qb__Xj68KYEOPeI9WE6aLZdO...
serv431.com/ Frame 593B
43 B
511 B
Image
General
Full URL
https://serv431.com/zFq2xb_GKuyEDAwZayz_JiUDvuiKLqF7nQ3SCoxRp9cIWcFTepvrOTU_-J_CrQdI6SQ4uRj5_kcj9hZSKoZm5fqjNvmtiEahz95iK67rDbQFz092wWxpPfsJ8nM8aeMDbxX00Rdi93XMf7BPz8JheqednxhF4v8LsG9T99AWVXHU1Qb__Xj68KYEOPeI9WE6aLZdOtPcvN7b2TshKujPZ4N-uSJViJ5Yk5G4evwEgjqqIguRRUGiJv_e8VZfpJTyxsGsP6ERkVWV6F1j70yj1JNdrRg5khZ7OIn0kRfeIZbiwwUavwmTzuvn0KxPmC05qu4jD8Jlct9dazWM-VaCfIlDBaHALHtnwVuX4wsVW3762bTrRDXNGGb2cUc4MQSEGEg4NcDt8QjrgD81LX12PJf-yp3nVDisIAuVKaMM?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame CC05
13 KB
4 KB
Script
General
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c45153bd359a06f9460d3b24361bcced7f49b0324b7937c6849df4ce55ad4961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4114
expires
Fri, 25 Mar 2022 18:31:34 GMT
z1w-BAEj0WbwG6as3xkgZCeOoec_ibe2KRGkd8MkSApX60C0gXWnhQQ2InZ9tXjNGRrLrUrXVtEVJFgz1iLz2fJ90zwJyiiIKe3C0l4fWan3aERGwTWLh-cZmPlvQUPoyuzayQMxxm6sETZ4XIgjBJl9f9hCNGjMTlTB7LmkslbQeOIl_tnvQXNi345oZxeg8eOS0...
serv431.com/ Frame CC05
43 B
536 B
Image
General
Full URL
https://serv431.com/z1w-BAEj0WbwG6as3xkgZCeOoec_ibe2KRGkd8MkSApX60C0gXWnhQQ2InZ9tXjNGRrLrUrXVtEVJFgz1iLz2fJ90zwJyiiIKe3C0l4fWan3aERGwTWLh-cZmPlvQUPoyuzayQMxxm6sETZ4XIgjBJl9f9hCNGjMTlTB7LmkslbQeOIl_tnvQXNi345oZxeg8eOS0juSQmLI0jZNhyUxL0UagbnA82q3GO305WkbWaytSDmCJZz6QOjQDcqa3BOQiD3-kiDaLe5aY7IOSPWuf4GEWu4-960oYsPgX-d-kvoJGy18Npp0CMm4gy97FDDsOSE2L27IRyMoJEzGpHubm8mUJRe7Av1VmYnh3XXP3AWF9u2ADj9CGPko7iWzjHQGU3R8u5aQTPv_Bx4Uct6U6h0Wx82rKYTCeTx50Ew?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame B783
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame F4A3
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 46CD
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
localstore.js
script.4dex.io/ Frame 3954
483 B
961 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ymc8jnKd9ExH%2F6UOUDKWe%2FLGdjFcFJFLI0JaddwAF1yhp0IpU4MZjpd8HEFeucVHd5IIAYL6SEV0FXM3ldMcupQsYtSfsH7cZubGEEncBBiAdUaUbjTf7GOZPJaZMLX5Lgx5DTck4tPPSvB"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b969291b5a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
cdb
bidder.criteo.com/ Frame 3954
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=16832858716
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3954
241 B
703 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=d696fc91-f059-45bb-9b87-022115982127&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.384998883556845
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a80438cc568b43de3985e7ca3cd0300dda73126f30b815625acea91bcdb87483

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 3954
171 B
563 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
/
adx.adform.net/adx/ Frame 3954
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPWQ2OTZmYzkxLWYwNTktNDViYi05Yjg3LTAyMjExNTk4MjEyNw%3D%3D&pt=gross&stid=93cfb1d7-7b46-4d91-9dab-383a1b1db74a&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 3954
0
120 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 3954
37 B
335 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%2211719ca96e0f476%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22125ed7fd56271ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
16714e304b04c7ce5c989e5cbf87d0abdbaaf6fc128e2c6d0d246bf3958cb35f

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:34 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 3954
73 B
383 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d696fc91-f059-45bb-9b87-022115982127&nocache=1648233094541&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
7f3582eb2102f7bd956fc3ca67929e11bb7fed2cf0f846fc169f1ce6915d6282

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame 3954
19 B
471 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-arch,sec-ch-rtt,sec-ch-downlink,sec-ch-ect,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-width,sec-ch-viewport-height,sec-ch-ua-model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3954
139 B
989 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9c98fc48c7e57e67112c6aa41339d1db22bdbe58e91f108ba8933e8e43911854
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7cb78e09-2ecd-42c9-95e5-32ce89dde84c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gazetaexpress.com.1000638.es6.js
jsc.mgid.com/g/a/ Frame 79F3
249 KB
73 KB
Script
General
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f392bd641281fdbaa6d5054d812bd0f4cdd23e327e8ff7093688b372ff663a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
age
6135
last-modified
Tue, 15 Mar 2022 11:04:35 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3F4BNHMM8VPWJ8KM
x-amz-id-2
x9jfDDiLakQc0yle/POokyPUZ0jFVhJgA4t7sH7p7+8RN+3yp6cE/kYULq4FfvOPEXVwvBwJr/Y=
cf-bgj
minify
server
cloudflare
etag
W/"1e9943cdad56f5f882d5fec05872ad47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f19b9691dc59bc2-FRA
expires
Fri, 25 Mar 2022 21:31:34 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 12E9
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6751
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 593B
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame CC05
32 KB
8 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame B783
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
localstore.js
script.4dex.io/ Frame 46CD
483 B
554 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvdlR56zk6UI2ntxqNtxse4ueVoou%2FW4KTaz8g5%2FFpGTF%2FjYsPVs%2BKTnTt4R3UMG6NcoZjvbHeczjD8C4veAjZgILl0oEIqaTU9f3LbTtxGlXvSDSNo6uJ84MQVtYjRBaYuSM01R9Xi5R6w6"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b96959895a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
cygnus
htlb.casalemedia.com/ Frame 46CD
35 B
333 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%22172de9f8a475e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22272746529e702d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a3a2a44b86a5568a98dc4adbbf8a9e548879404722f5e703694b07fbc985e72c

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
35
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:34 GMT
auction
tlx.3lift.com/header/ Frame 46CD
19 B
470 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt,sec-ch-ua-arch,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 46CD
171 B
563 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame 46CD
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 46CD
139 B
989 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cfc8451d44a4a92ed77e0020b58e860d8dde06f1795183ae2ba03be58c410880
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
96a8abce-cc63-4070-b518-8c9c70de663a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 46CD
73 B
101 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36426196-de26-48f9-ba9d-332e59717e54&nocache=1648233094602&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
c6b99fe4e5eba9ccd266b5c6b8592501266862ae58198ca46b9f86b5676c0d89

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 46CD
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPTM2NDI2MTk2LWRlMjYtNDhmOS1iYTlkLTMzMmU1OTcxN2U1NA%3D%3D&pt=gross&stid=7e6de542-11be-4124-b51f-1a254a52a9c8&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 46CD
240 B
702 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=36426196-de26-48f9-ba9d-332e59717e54&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4188457891643358
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3ae889f20623141ecc233802eb622837400ea58d38a6bb7ea9d8363a2af2070e

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 46CD
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=11337308536
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
localstore.js
script.4dex.io/ Frame F4A3
483 B
558 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rVaQUWX%2BYJiqskO5LlSyUc1ZA2Xjaaghxey%2BTl9eE7AIHU1k8ncoEJ0oJWNV%2FTGAJ4MnCeg3%2BzxGNHFIcOTbA7suwmnAow7mHNr1uZpYqGEE7XXfjvigNPFNRFg0HP1V2%2BcL872B1YZVwo%2F"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b969598e5a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F4A3
240 B
702 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=b05523fe-eafa-4cd5-a770-ad62a8c312ea&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.07876390869632166
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
58b895a19fd5fa95ea6ad36148c21fb0743713de8268669ba58970f160339de5

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame F4A3
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=50031281278
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
tlx.3lift.com/header/ Frame F4A3
19 B
470 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
adx.adform.net/adx/ Frame F4A3
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPWIwNTUyM2ZlLWVhZmEtNGNkNS1hNzcwLWFkNjJhOGMzMTJlYQ%3D%3D&pt=gross&stid=01dfdf9d-3ea9-41ed-bba6-5db600a80daf&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame F4A3
139 B
989 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c610ab9e9360058545e78221a42db764a31323a3856a15dcc7cbd2cda831ab23
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3bef340b-501a-4fc2-b601-aabc75062e8e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame F4A3
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame F4A3
37 B
335 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%2213a6023dd70b1da%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22142a0c04ed1a07c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
26fc8e06815cfb2ae45b00e8066f83db2dcccf37739db7902d2b08bf1490f5c0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:34 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame F4A3
73 B
101 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b05523fe-eafa-4cd5-a770-ad62a8c312ea&nocache=1648233094610&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
7fd073c3febc36b1012510c5ca2581805a9e7e5d94eeb030c20e20ee9ad60176

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame F4A3
171 B
563 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 12E9
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 593B
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame CC05
349 KB
112 KB
Script
General
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 9004
4 KB
2 KB
Script
General
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3474
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E0F5CY80A74TZVG1
x-amz-id-2
ruOTvumuJwjryqGP6TtJpsbOZDz4i8T+FMwF/Ow3cTyFbnknjrH1eoKZFTXIqnZ3SsQdD4GiNN0=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5b%2F3YL%2Bf3gkxncX9SAa7E9fVEEilJmf%2BIiWTM0KQNn1%2F%2B9fiT%2BdcTMuwWRMR4P7wZUc65WQy%2BoGsGcCPnlDqqqQtjCLLXqSFxbV6WGGNJscbHvGrTpyEcoKyZt3h2diYw1%2B475ZZ0EERfv2xxBkhwtmGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f19b96aea657385-MRS
/
projectagora-483829-hdb.adomik.com/ Frame 3954
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiOTNjZmIxZDctN2I0Ni00ZDkxLTlkYWItMzgzYTFiMWRiNzRhIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNjU4ODA3NF9nYXpldGFleHByZXNzLmNvbV9yb3NfMzAweDI1MCIsInNpemVzIjpbeyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxNjU4ODA3NF9nYXpldGFleHByZXNzLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiMTkzZjNkNzRlZDRiMTg4Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjExNiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE2NTg4MDc0X2dhemV0YWV4cHJlc3MuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiIxOTNmM2Q3NGVkNGIxODgiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTE2LCJhZnRlclRpbWVvdXQiOmZhbHNlfV0sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=93cfb1d7-7b46-4d91-9dab-383a1b1db74a&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx
localstore.js
script.4dex.io/ Frame B783
483 B
555 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxy8Kud4ZssduCvcqYh0ogSFh%2FIY%2BfV6fh6OR5T0m026youc4Qs%2FAfrKzVVYii0M7Wdq26RY2FJc%2FIC%2Bq0%2BSRGY9AeL5mhbRLC4mx2o8iqaIr9TcGKAJyjYrz5glJSDC4wvHM6df1Wk1MDmf"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b969cab15a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
/
adx.adform.net/adx/ Frame B783
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPWJjZTBlZTkxLWQ2OTktNDUxYi1hNjVhLWZlZGExODliN2Q2MQ%3D%3D&pt=gross&stid=38ba6cad-31c2-449c-8066-ed1ab05b5834&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame B783
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame B783
19 B
470 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt,sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ Frame B783
171 B
563 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:33 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
arj
projectagora-d.openx.net/w/1.0/ Frame B783
73 B
101 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bce0ee91-d699-451b-a65a-feda189b7d61&nocache=1648233094676&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
6357f1c8dc514c89d7898c95823fb279d0cc68394f6cb43c8213ee90cc4bbed8

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame B783
37 B
335 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%221180872915906d1%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22122dd91769e8287%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa64d881a7842b502c8ffaf5d8b8e3ff56ca4848d38c49d86fb766a85e83ba91

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:34 GMT
cdb
bidder.criteo.com/ Frame B783
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=41044263416
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame B783
139 B
989 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e31ad2859657839509de77419347926d8b00c083709446139518ffab6bf91d87
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dccffcb7-f1f2-444f-ae95-80126c577b96
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B783
241 B
703 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=bce0ee91-d699-451b-a65a-feda189b7d61&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.11873959845666548
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
922e0e375186bc04113ac7b1831643fa4e2af78596323bdac9414c7743abc6cc

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adagio.js
script.4dex.io/ Frame 3954
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76Fh83ZFveDykhtizwMx4tBtyU31H1yqIj1ScKb4su%2F%2F8%2FNHRE74HOYnu716wQncVoMw6yp7zVOkVcCTxhJQOMlSEB1WSmQPtJuC%2BUVN5ym4Gxi4gjEwE3efG4DaaBoavKUzUW2SB0uuXlxg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96a18060e1a-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame F4A3
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E%2BxgV4tRbnsjIdpM8JShsejNEbmEtGNbKqSRTA7smHNgwyTEvmPMl94p5X3wFbzPgYbZq1S38cDlEKNkBSBsGrKWoluJd06gXqfXTYCBcnHu%2F%2Bj6NN8moa9qqYc21%2FojPAaoyv7pCe3gptC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96a18090e1a-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 46CD
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrJ3Vpa4ZsHMnVu6kqp9x3%2F09kACYNIc2Ol2p4yXLh2laszOsM%2B3Yz%2F1sSe7qCuDv0gF5prsvtmlT%2Bz9SCZ1Zhf82e%2BoTFn%2FxgnVk3IM9DlNuuiKzrkak8oTzIa%2BjQqNnhLfpHQviBSVYVp2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96a180a0e1a-MXP
access-control-allow-headers
Authorization
localstore.js
script.4dex.io/ Frame 12E9
483 B
555 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBMsWhHpm862QAPRKwf7lH7L21DCnvQY3WMFXAwAk%2BRkrl%2FXv3l4Iqgvg%2BM6k1v28IswqbwP3mLz3Osju%2B8ZvrN426gh4TGgOWrAG8irKgZV4mj1ZwG8U4mKfBzV7QoMbAxf5WMgoVbhOOY7"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b969eb0a5a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 12E9
240 B
702 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549190&size_id=9&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=b221c772-a547-4c2c-a8e1-b8e0991a649d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.26176281370792975
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d027bb92262bb058938707c6b22bce25ecb11720e3f6d685b7f19e01ad464e6f

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 12E9
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA4OSZ0cmFuc2FjdGlvbklkPWIyMjFjNzcyLWE1NDctNGMyYy1hOGUxLWI4ZTA5OTFhNjQ5ZA%3D%3D&pt=gross&stid=dd66011d-fdf8-42fc-8901-87a664a7e048&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
tlx.3lift.com/header/ Frame 12E9
19 B
470 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-width,sec-ch-viewport-height,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-arch,sec-ch-rtt,sec-ch-downlink,sec-ch-ect,sec-ch-ua-bitness,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ Frame 12E9
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=7658329700
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 12E9
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 12E9
37 B
335 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=621767&v=7.2&r=%7B%22id%22%3A%22112d5722490e306%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212aae934259eb63%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621767%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
407aab5e389bedf516bf8d5681a17043715aebce44cd403de98e7b9334de844a

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:34 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 12E9
139 B
989 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9ae43fbd9162bf34d6cf9dcfea30f8c5edb3f0d94f3ee60a35032e245b4bf3da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0e42158-2366-467b-86c8-c9686c6a751b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 12E9
73 B
101 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b221c772-a547-4c2c-a8e1-b8e0991a649d&nocache=1648233094699&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=160x600&divIds=18287011_gazetaexpress.com_ros_160x600&auid=540990853
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
2b104a8cec3cdffac179b2f1cdb936f8b95ad5a9402b4c45f376f7ed0515c4dd

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 12E9
0
343 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 0ED4
77 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
218b3725546e5eaa0ebe2e70202a7a33f86d4ae0602f9d7a6efcd568da1247e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
QPA0uFSuf3tjryjPCeR3qhFUbgQgLBnH
content-encoding
gzip
etag
"b93569283d9fcfe420832ada593a027d"
age
45
x-cache
HIT
content-length
20440
x-amz-id-2
MJ5XJL1lAl6u7RNSQsdYz2SEd395Mkc8fJGQWmrq620lHzGs2v+m2K4W/iOfWR1dEooRRgwGoIA=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:25:28 GMT
server
AmazonS3
x-timer
S1648233095.734726,VS0,VE1
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
FCQRT7BZPA7C8YHG
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame F4A3
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMDFkZmRmOWQtM2VhOS00MWVkLWJiYTYtNWRiNjAwYTgwZGFmIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTgyODcwMDZfZ2F6ZXRhZXhwcmVzcy5jb21fcm9zLTFfNzI4eDkwIiwic2l6ZXMiOlt7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4Mjg3MDA2X2dhemV0YWV4cHJlc3MuY29tX3Jvcy0xXzcyOHg5MCIsImlkIjoiMTllNTIwY2FlMjNiYmZjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjkxLCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTgyODcwMDZfZ2F6ZXRhZXhwcmVzcy5jb21fcm9zLTFfNzI4eDkwIiwiaWQiOiIxOWU1MjBjYWUyM2JiZmMiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6OTEsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=01dfdf9d-3ea9-41ed-bba6-5db600a80daf&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx
localstore.js
script.4dex.io/ Frame 593B
483 B
561 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5XVORwsgsMChr8rUTgxwtvPqUvAaOiNl9szESe6taR5IJ63gXaevKi9nEzSJ3ObdLA1izXOxC4mjbld4z11r6vMeRaA%2B49sVTCKZGSFFNPiTLRqy5E3V8bh%2BzpixDOYRTq4crhEIov1VUaL"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b969fb4a5a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 593B
267 B
729 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=cfd3f78f-b17a-42df-ad7a-02a61b37607f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2790840581275167
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
237f2143451e98901ee3c11f616369fc0ade0f7f65a29f2efd26eb59e02a7997

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 593B
171 B
563 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame 593B
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 593B
19 B
470 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt,sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 593B
139 B
989 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
68d438a077c23974e2d624a6720f5f0b5dd21a507f3c91b6f81f3b6633d74da9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cec2321a-56fa-4d58-bf22-934b7ee4ee1e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 593B
37 B
335 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%22114192ac01964ee%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221205e279f3241f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22133d66a2f22caa7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221205e279f3241f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221205e279f3241f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221205e279f3241f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff59795b78562ddf271cbcc5e291e1f2599d1654b05e9c374d0da4755983fe63

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:34 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 593B
73 B
100 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cfd3f78f-b17a-42df-ad7a-02a61b37607f&nocache=1648233094720&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
ce9ba81e0490b81631df558f229c09a92906917b79d8d72b4123b9c8af26c876

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 593B
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPWNmZDNmNzhmLWIxN2EtNDJkZi1hZDdhLTAyYTYxYjM3NjA3Zg%3D%3D&pt=gross&stid=45ea5714-01fb-44be-b78a-50929e9e3ba1&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 593B
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=82040386554
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 6BA8
4 KB
1 KB
Script
General
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3474
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E0F5CY80A74TZVG1
x-amz-id-2
ruOTvumuJwjryqGP6TtJpsbOZDz4i8T+FMwF/Ow3cTyFbnknjrH1eoKZFTXIqnZ3SsQdD4GiNN0=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMq0WuSw2Y600PBwFUQsVUlWRd0DqdsopXm6rLkzLDctDVC3DT2DMH2Xex%2FnP2qNgcg3Nx%2BdZrobkrW2E7DQ00qN0MAcNn2MIuy6IGTOCyicQE5%2FWqr9KBd7srbVWvCwLCGGGJ5%2BFNePaNWMaMIHjwM0Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f19b96b0ab77385-MRS
/
projectagora-483829-hdb.adomik.com/ Frame B783
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMzhiYTZjYWQtMzFjMi00NDljLTgwNjYtZWQxYWIwNWI1ODM0IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNjU4ODA3NF9nYXpldGFleHByZXNzLmNvbV9yb3NfMzAweDI1MCIsInNpemVzIjpbeyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxNjU4ODA3NF9nYXpldGFleHByZXNzLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiMTkwNmQyNTZlMzRhM2MiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTg2LCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTY1ODgwNzRfZ2F6ZXRhZXhwcmVzcy5jb21fcm9zXzMwMHgyNTAiLCJpZCI6IjE5MDZkMjU2ZTM0YTNjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE4NiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=38ba6cad-31c2-449c-8066-ed1ab05b5834&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 574E
77 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
218b3725546e5eaa0ebe2e70202a7a33f86d4ae0602f9d7a6efcd568da1247e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
QPA0uFSuf3tjryjPCeR3qhFUbgQgLBnH
content-encoding
gzip
etag
"b93569283d9fcfe420832ada593a027d"
age
45
x-cache
HIT
content-length
20440
x-amz-id-2
MJ5XJL1lAl6u7RNSQsdYz2SEd395Mkc8fJGQWmrq620lHzGs2v+m2K4W/iOfWR1dEooRRgwGoIA=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:25:28 GMT
server
AmazonS3
x-timer
S1648233095.874236,VS0,VE0
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
FCQRT7BZPA7C8YHG
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
2
/
projectagora-483829-hdb.adomik.com/ Frame 46CD
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiN2U2ZGU1NDItMTFiZS00MTI0LWI1MWYtMWEyNTRhNTJhOWM4IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19LHsicGxhY2VtZW50Q29kZSI6IjE4Mjg3MDA2X2dhemV0YWV4cHJlc3MuY29tX3Jvcy0xXzcyOHg5MCIsInNpemVzIjpbeyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxODI4NzAwNl9nYXpldGFleHByZXNzLmNvbV9yb3MtMV83Mjh4OTAiLCJpZCI6IjE5NTJkNzEyNDlkMGFmNSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoyNjksImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxODI4NzAwNl9nYXpldGFleHByZXNzLmNvbV9yb3MtMV83Mjh4OTAiLCJpZCI6IjE5NTJkNzEyNDlkMGFmNSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoyNjksImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=7e6de542-11be-4124-b51f-1a254a52a9c8&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/ Frame 4580
75 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d554aa1972f5b24ee0e4e02309f7ac003b4a5f4bea681a2382c6db7cc3483e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
U9EVw0jxQemLr0aC1X2RabB.UrCfAmuR
content-encoding
gzip
etag
"822a0aab688682219aaf07ee5ec62ab2"
age
39
x-cache
HIT
content-length
20285
x-amz-id-2
K66qM56ux0UDlx47mJqcHChur7pTXPO/jE2B+NPNIfALkB3oPdRN06iJckaxaCLhb9PYWqM1lVg=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:27:39 GMT
server
AmazonS3
x-timer
S1648233095.877177,VS0,VE1
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
B0S389J7JK3DB2C0
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame 12E9
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZGQ2NjAxMWQtZmRmOC00MmZjLTg5MDEtODdhNjY0YTdlMDQ4IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=dd66011d-fdf8-42fc-8901-87a664a7e048&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da0a0a3c37b16eec4c507d06a74851b873ece856ee3c51796c343d8b47e3f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10531
x-xss-protection
0
localstore.js
script.4dex.io/ Frame CC05
483 B
551 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-type
application/javascript
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WTS3ifFf18DGbVq4j0rMSc%2BpoLMjojOdD9cJ1nq4kF62pbUqkcQdBJB5URWgZ5s%2FurbkYhSx7RZqftXhlchxguXrlmZlEIq1mQkvDXH0o5G2vtkigHwl93G0YeaVcN1cE14%2BDL78xLe19fU"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1647940521027959
cache-control
public, max-age=1800
cf-ray
6f19b96b2e7d5a1f-MXP
expires
Fri, 25 Mar 2022 19:01:34 GMT
/
adx.adform.net/adx/ Frame CC05
5 B
488 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPTdhMmM4YWI1LTc1ODktNDc2NS04MWQ2LTg5MzJhOWM1ZTA2ZA%3D%3D&pt=gross&stid=be3c1f6a-746d-4a61-998d-f821c17425ce&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame CC05
36 B
334 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%223ea78c33077d85%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2244b272bc62e8fd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%225b3d264251bb8d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2244b272bc62e8fd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2244b272bc62e8fd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2244b272bc62e8fd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8acd0cfd1ce55d0b8210b48e4beccdf535dc9942dfd204ed0ffe3ad4a3c499e4

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:35 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Fri, 25 Mar 2022 18:31:35 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame CC05
73 B
101 B
XHR
General
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7a2c8ab5-7589-4765-81d6-8932a9c5e06d&nocache=1648233094894&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
281c30e5911a6a2a0f11f84fe5c2921edf457b6a927a40b3f12ee8efa0d1abd5

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame CC05
19 B
470 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
accept-ch
sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ Frame CC05
0
222 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=29606971889
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Mar 2022 18:31:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame CC05
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame CC05
171 B
563 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CC05
267 B
729 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=7a2c8ab5-7589-4765-81d6-8932a9c5e06d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8284629884838046
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
226406df1498959d59fc39f2a004f1c9b40a72dbdb29adc764381394a381447f

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame CC05
138 B
988 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b55c9010c45abfd0c281922089972a552d2d6caca371411a407bf7065082ed65
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:34 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ddc3c6b7-f9db-47cb-9ce6-9b7584bd9310
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame BE27
77 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41abb8d234f849550edb1918b1c8b6170cb332dfc5155f1254d5e4b4ca7bdd70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Z9FPXnCK9eJxE1Hu0G62CL3Bc.sLUrH2
content-encoding
gzip
etag
"04baf94ed1c6e4eaa7ba3bc44f958975"
age
75
x-cache
HIT
content-length
20456
x-amz-id-2
rFeJGDBHvwgmQpFvwodIUWtCunC9TUDL/i9jVuAq0yUtURCfNLK4TY0eJdDYz/jdtsVQuexzWPE=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:32:41 GMT
server
AmazonS3
x-timer
S1648233095.932147,VS0,VE1
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
V2TEH46DYKTBSVYP
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame 593B
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDVlYTU3MTQtMDFmYi00NGJlLWI3OGEtNTA5MjllOWUzYmExIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJDUklURU8ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTY2MDQ3MThfZ2F6ZXRhZXhwcmVzcy5jb21faW5hcnRpY2xlLWFkdGFnXzMwMHgyNTAiLCJzaXplcyI6W3sid2lkdGgiOjAsImhlaWdodCI6MH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTY2MDQ3MThfZ2F6ZXRhZXhwcmVzcy5jb21faW5hcnRpY2xlLWFkdGFnXzMwMHgyNTAiLCJpZCI6IjIxMTA2YTYxMGEzYmI1YiIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoyMTIsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxNjYwNDcxOF9nYXpldGFleHByZXNzLmNvbV9pbmFydGljbGUtYWR0YWdfMzAweDI1MCIsImlkIjoiMjExMDZhNjEwYTNiYjViIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjIxMiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=45ea5714-01fb-44be-b78a-50929e9e3ba1&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:34 GMT
Server
nginx
adagio.js
script.4dex.io/ Frame B783
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvL4ixOO1LTtz8tNO5duVAo9yXCWmQf8vL2smS0q%2BjXgJIUKy0XPchV9LlgIiDgiEajAQtPQPw0jpf8yYKp3cgk9xzYUEA0DG8wvwmlSGnUN33dvbHfbEderSYjXK%2B4vltQsFaV8tNlMBaEg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96b5b2e0e1a-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 593B
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CP1%2BTD3SpS3Ydxzs0YvSNNd4yLlH66pOxvvHs4cTGTcLZHT%2BMYKPdgBTv2PqeAD7vNIvgfYG84X5x4%2FftrnC1a%2FWnERGxW5QFsfdrC5toGWnVKXTk%2F1xKXzNpc%2F0pqPcX8zoGfb8WjIqQipR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96b5b380e1a-MXP
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 12E9
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYvO4%2BbU80%2FJLR2SU%2BTQSMDIr1M76QaeXzhnSyMiuiVuJXtBlZhoQYaMY75Xa9THb4E4s34U3WE0SokyvMhsxR50iif63rZLGNJJ%2BZlie29MWGJgIytfd%2Fq3n25tozUNJRoiqEr0u5ln%2B%2Fhj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96b5b320e1a-MXP
access-control-allow-headers
Authorization
impl.20220324-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame 0ED4
621 KB
129 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
824ef51868c56d7a98bc86a6eae03e4e5232ff6dd17e5898c6654a9e137385e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Mw8kLQDj6xZnIEiGJy1mFZgwdRLVEzCB
content-encoding
br
etag
"30fdbd2b8216dad5a78fe11520641cfe"
age
2777
x-cache
HIT
content-length
131463
x-amz-id-2
PTrjHJ2O+HpLl+488V5ml2/GGAkg13B4I2VVEh89jE7TnSrsB6p6nXlJXV/W2ECHTq7oQvdUy3k=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 09:43:17 GMT
server
AmazonS3-br
x-timer
S1648233095.944125,VS0,VE0
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
473Z84SSAF39R5VB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
2243
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Mar 2022 18:31:35 GMT
impl.20220324-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame 574E
621 KB
129 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
824ef51868c56d7a98bc86a6eae03e4e5232ff6dd17e5898c6654a9e137385e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Mw8kLQDj6xZnIEiGJy1mFZgwdRLVEzCB
content-encoding
br
etag
"30fdbd2b8216dad5a78fe11520641cfe"
age
2777
x-cache
HIT
content-length
131463
x-amz-id-2
PTrjHJ2O+HpLl+488V5ml2/GGAkg13B4I2VVEh89jE7TnSrsB6p6nXlJXV/W2ECHTq7oQvdUy3k=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 09:43:17 GMT
server
AmazonS3-br
x-timer
S1648233095.960927,VS0,VE0
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
473Z84SSAF39R5VB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
2244
impl.20220324-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame 4580
621 KB
129 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
824ef51868c56d7a98bc86a6eae03e4e5232ff6dd17e5898c6654a9e137385e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Mw8kLQDj6xZnIEiGJy1mFZgwdRLVEzCB
content-encoding
br
etag
"30fdbd2b8216dad5a78fe11520641cfe"
age
2777
x-cache
HIT
content-length
131463
x-amz-id-2
PTrjHJ2O+HpLl+488V5ml2/GGAkg13B4I2VVEh89jE7TnSrsB6p6nXlJXV/W2ECHTq7oQvdUy3k=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 09:43:17 GMT
server
AmazonS3-br
x-timer
S1648233095.962583,VS0,VE0
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
473Z84SSAF39R5VB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
2245
adagio.js
script.4dex.io/ Frame CC05
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292429
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb25b7ac46bfe451eb6b76-0062399402
x-amz-id-2
txb25b7ac46bfe451eb6b76-0062399402
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa8PVaBUDhBYmGxcp9%2Bm3KVi3k%2BYOfWdFfVRf2KBwnZIbxOYRRbHl1g3i73SJH8INh8dYNAebDsrBNRrOMv0HwiJHif42L%2FmP6PXgQ2ApMbp38OcEiRR1O5WJ74K68CdtvP73TqhQL3qElPF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f19b96b9bed0e1a-MXP
access-control-allow-headers
Authorization
impl.20220324-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame BE27
621 KB
129 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
824ef51868c56d7a98bc86a6eae03e4e5232ff6dd17e5898c6654a9e137385e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Mw8kLQDj6xZnIEiGJy1mFZgwdRLVEzCB
content-encoding
br
etag
"30fdbd2b8216dad5a78fe11520641cfe"
age
2777
x-cache
HIT
content-length
131463
x-amz-id-2
PTrjHJ2O+HpLl+488V5ml2/GGAkg13B4I2VVEh89jE7TnSrsB6p6nXlJXV/W2ECHTq7oQvdUy3k=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 09:43:17 GMT
server
AmazonS3-br
x-timer
S1648233095.968797,VS0,VE0
date
Fri, 25 Mar 2022 18:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
473Z84SSAF39R5VB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
2246
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame E767
77 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41abb8d234f849550edb1918b1c8b6170cb332dfc5155f1254d5e4b4ca7bdd70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Z9FPXnCK9eJxE1Hu0G62CL3Bc.sLUrH2
content-encoding
gzip
etag
"04baf94ed1c6e4eaa7ba3bc44f958975"
age
75
x-cache
HIT
content-length
20456
x-amz-id-2
rFeJGDBHvwgmQpFvwodIUWtCunC9TUDL/i9jVuAq0yUtURCfNLK4TY0eJdDYz/jdtsVQuexzWPE=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:32:41 GMT
server
AmazonS3
x-timer
S1648233095.027726,VS0,VE0
date
Fri, 25 Mar 2022 18:31:35 GMT
vary
Accept-Encoding
x-amz-request-id
V2TEH46DYKTBSVYP
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
2
/
projectagora-483829-hdb.adomik.com/ Frame CC05
0
103 B
Image
General
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYmUzYzFmNmEtNzQ2ZC00YTYxLTk5OGQtZjgyMWMxNzQyNWNlIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNjYwNDcxOF9nYXpldGFleHByZXNzLmNvbV9pbmFydGljbGUtYWR0YWdfMzAweDI1MCIsInNpemVzIjpbeyJ3aWR0aCI6MCwiaGVpZ2h0IjowfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIxNjYwNDcxOF9nYXpldGFleHByZXNzLmNvbV9pbmFydGljbGUtYWR0YWdfMzAweDI1MCIsImlkIjoiMjEwYjMzZDUyOWRkMGJhIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjY5LCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTY2MDQ3MThfZ2F6ZXRhZXhwcmVzcy5jb21faW5hcnRpY2xlLWFkdGFnXzMwMHgyNTAiLCJpZCI6IjIxMGIzM2Q1MjlkZDBiYSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjo2OSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX1dLCJ3aW5uZXJzIjpbXX19XX0%3D&id=be3c1f6a-746d-4a61-998d-f821c17425ce&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.79.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-79-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 25 Mar 2022 18:31:35 GMT
Server
nginx
json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame BE27
3 KB
2 KB
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=18%3A31%3A35.125&lti=deflated&data=%7B%22id%22%3A21%2C%22ii%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1648117955771%2C%22vi%22%3A1648233095123%2C%22cv%22%3A%2220220324-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22vpi%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
534bfbb1bce49aca2d5e1f7d6c73cc09e5bcc440be66e843007a3492c1668495

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
102
date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1648233095.135518,VS0,VE102
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F869
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Mar 2022 17:41:57 GMT
expires
Sat, 25 Mar 2023 17:41:57 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BEE7
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f46d4265672d0160d3f769a40a3c5cbf206a750fe633150973259b13fbb3ed0b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oDTH8mFeq1iWVb0qERk6HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 25 Mar 2022 18:31:35 GMT
date
Fri, 25 Mar 2022 18:31:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-oDTH8mFeq1iWVb0qERk6HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impl.20220324-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame E767
621 KB
129 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
824ef51868c56d7a98bc86a6eae03e4e5232ff6dd17e5898c6654a9e137385e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Mw8kLQDj6xZnIEiGJy1mFZgwdRLVEzCB
content-encoding
br
etag
"30fdbd2b8216dad5a78fe11520641cfe"
age
2777
x-cache
HIT
content-length
131463
x-amz-id-2
PTrjHJ2O+HpLl+488V5ml2/GGAkg13B4I2VVEh89jE7TnSrsB6p6nXlJXV/W2ECHTq7oQvdUy3k=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 09:43:17 GMT
server
AmazonS3-br
x-timer
S1648233095.160015,VS0,VE0
date
Fri, 25 Mar 2022 18:31:35 GMT
vary
Accept-Encoding
x-amz-request-id
473Z84SSAF39R5VB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
2247
XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
pagead2.googlesyndication.com/bg/ Frame F869
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 15:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
9111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13735
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Mar 2023 15:59:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BEE7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=767084410462239&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame E767
3 KB
2 KB
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=18%3A31%3A35.203&lti=deflated&data=%7B%22id%22%3A122%2C%22ii%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1648117955771%2C%22vi%22%3A1648233095123%2C%22cv%22%3A%2220220324-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22vpi%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0f1990e5b0178f5ccef7e285c86d07d309c4ab83927b626f75d5658f1347513

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
175
date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1648233095.208397,VS0,VE175
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
debug
trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
90 B
Image
General
Full URL
https://trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.201&type=info&msg=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&llvl=2&id=8925&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=1&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12951
debug
trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.202&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-gazetaexpressdisplay-16604718%22%2C%22placement%22%3A%22gazetaexpressDisplay-16604718%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=3902&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=2&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12951
debug
trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.203&type=info&msg=gazetaexpressDisplay-16604718%20thumbnails-a&llvl=2&id=9497&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=3&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12951
userx.20220324-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame BE27
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20220324-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93c5e6e7d777a743592f0e4a871d7046c4b1a7cc66eef8ed5f79f2f0d2a7cc27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PEgVzq_dL4GWTNJcsnRN7la4bRIMUNu2
content-encoding
gzip
etag
"2c0a44934531d90f315db845e8dff195"
fastly-original-body-size
17869
age
20
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
DSWSDiKKrfN5gkL7wS4QZjlorKkocRlchUEi9y8gpGRdwcXjpRUya77jAkCDHsTPZBireFipnnM=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:16:54 GMT
server
AmazonS3
x-timer
S1648233095.260345,VS0,VE0
date
Fri, 25 Mar 2022 18:31:35 GMT
vary
Accept-Encoding
x-amz-request-id
YEF4N6CANEHTMD9J
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
2
349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame BE27
10 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17e52ef4f8d793e26ef6578dc8cba66ccae0f18f0ee19a5157587bc2f161159f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
fastly-original-body-size
10492
age
729740
edge-cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
117
expiration
expiry-date="Thu, 24 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
content-length
10492
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 21 Feb 2022 15:54:37 GMT
server
nginx
x-timer
S1648233095.284049,VS0,VE1
etag
"3f5ce78b5d2df90907526edbd3f9f181"
x-served-by
cache-bwi5044-BWI, cache-iad-kcgs7200107-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame BE27
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.295&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1523&cv=20220324-4-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12927
generate_204
tpc.googlesyndication.com/ Frame F869
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ZWu6jg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame BE27
10 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17e52ef4f8d793e26ef6578dc8cba66ccae0f18f0ee19a5157587bc2f161159f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
fastly-original-body-size
10492
age
729740
edge-cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
350538634958123572245115168273728696174,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
117
expiration
expiry-date="Thu, 24 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/349107c3-52d3-4d11-9120-b39ba0355feb_1000x600.jpeg
content-length
10492
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 21 Feb 2022 15:54:37 GMT
server
nginx
x-timer
S1648233095.311157,VS0,VE0
etag
"3f5ce78b5d2df90907526edbd3f9f181"
x-served-by
cache-bwi5044-BWI, cache-iad-kcgs7200107-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
/
c.mgid.com/pv/
0
280 B
Script
General
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1648233095370741511301&ogtitle=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&uniqId=0e80a&childs=1214277&lct=1647907200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&sessionId=623e0a87-03be7&pageView=1&pvid=17fc25920ca84c44434&site=634059&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6f19b96e2c8b6997-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
userx.20220324-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame E767
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20220324-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93c5e6e7d777a743592f0e4a871d7046c4b1a7cc66eef8ed5f79f2f0d2a7cc27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PEgVzq_dL4GWTNJcsnRN7la4bRIMUNu2
content-encoding
gzip
etag
"2c0a44934531d90f315db845e8dff195"
fastly-original-body-size
17869
age
20
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
DSWSDiKKrfN5gkL7wS4QZjlorKkocRlchUEi9y8gpGRdwcXjpRUya77jAkCDHsTPZBireFipnnM=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:16:54 GMT
server
AmazonS3
x-timer
S1648233095.419843,VS0,VE0
date
Fri, 25 Mar 2022 18:31:35 GMT
vary
Accept-Encoding
x-amz-request-id
YEF4N6CANEHTMD9J
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
3
fix-user-id
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame E767
0
94 B
Image
General
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/fix-user-id?lti=deflated&ri=aeb43edca250c3ab2c2d1379cddbba08&sd=v2_1376d0c3283b2e3c53917f0c9411266a_4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007_1648233095_1648233095_CIi3jgYQwqxKGNO_5JL8LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ui=4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007&pi=/dyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit&wi=-1531111767901498398&pt=text&vi=1648233095123&time=1648233095410&fromUser=80ebc69f-45a4-4c74-9a90-96fc74744ada-tuct9379007&toUser=4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007&fromSD=v2_a17528859c4610ddb510942cba8b162e_80ebc69f-45a4-4c74-9a90-96fc74744ada-tuct9379007_1648233095_1648233095_CIi3jgYQwqxKGNO_5JL8LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&toSD=v2_1376d0c3283b2e3c53917f0c9411266a_4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007_1648233095_1648233095_CIi3jgYQwqxKGNO_5JL8LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&tim=18%3A31%3A35.410&id=4478&llvl=2&cv=20220324-4-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233095.419942,VS0,VE9
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.412&type=info&msg=Start%20Rendering%20gazetaexpressDisplay-16604718&llvl=2&id=9552&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=4&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14045
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.413&type=info&msg=Finish%20Rendering%20gazetaexpressDisplay-16604718&llvl=2&id=1721&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=5&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14045
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.434&type=info&msg=Finish%20Rendering%20gazetaexpressDisplay-16604718&llvl=2&id=145&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=6&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13999
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
2517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WYJFAHZEWX29G5P1
x-amz-id-2
7OhnRNS5qYiPixt1bdMACoBnVA6U2fTn+4wxcph9JgZ8A6Wf5wu7tffo1ahPOZVgwaHgPHNZELo=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b96e9d626997-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
905 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1438
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TAP7D9AX42CTQWCM
x-amz-id-2
yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b96e9d646997-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
8585580e-aefa-4ebd-929a-0c89835856e7_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame E767
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/8585580e-aefa-4ebd-929a-0c89835856e7_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50fd5a4d7302005b2bb31436f6743af67b474b4551c5df0f0ab51bf38ea073b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
age
701881
edge-cache-tag
596434996659448730638065573816241813897,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
596434996659448730638065573816241813897,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
683
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/8585580e-aefa-4ebd-929a-0c89835856e7_1000x600.jpeg
content-length
4554
x-request-id
d81a4dd123c7eec2c28842ed81f74723
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 17 Mar 2022 15:05:09 GMT
server
nginx
x-timer
S1648233095.461266,VS0,VE1
etag
"a74bdebb1f858228bb92c5c2d9435e6a"
x-served-by
cache-bwi5048-BWI, cache-iad-kjyo7100164-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E767
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=18%3A31%3A35.466&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1533&cv=20220324-4-RELEASE&lt=deflated&uuid=b8cecaaa6ce25133d72eaa82fa1f6205f567186b8f45854deb10a80094d0ab64&dcc=7&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16354
8585580e-aefa-4ebd-929a-0c89835856e7_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame E767
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/8585580e-aefa-4ebd-929a-0c89835856e7_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50fd5a4d7302005b2bb31436f6743af67b474b4551c5df0f0ab51bf38ea073b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
age
701881
edge-cache-tag
596434996659448730638065573816241813897,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
596434996659448730638065573816241813897,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
683
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/8585580e-aefa-4ebd-929a-0c89835856e7_1000x600.jpeg
content-length
4554
x-request-id
d81a4dd123c7eec2c28842ed81f74723
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 17 Mar 2022 15:05:09 GMT
server
nginx
x-timer
S1648233095.486908,VS0,VE0
etag
"a74bdebb1f858228bb92c5c2d9435e6a"
x-served-by
cache-bwi5048-BWI, cache-iad-kjyo7100164-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
2435
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FY75M483VQ0RS4R6
x-amz-id-2
3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b96eda969bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
5910
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b96eda979bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 0ED4
1 KB
1 KB
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=18%3A31%3A35.628&lti=deflated&data=%7B%22id%22%3A180%2C%22ii%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%224baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007%22%2C%22uifp%22%3A%224baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007%22%2C%22lbt%22%3A1648117496017%2C%22vi%22%3A1648233095123%2C%22cv%22%3A%2220220324-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22vpi%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2C18287006%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
923820ef5968252dbf8ecdb34623b9ec4b717097cca947ebe75ab68b9303f3d3

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
73
date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1648233096.632745,VS0,VE73
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
1
servicer.mgid.com/1002277/
6 KB
3 KB
Script
General
Full URL
https://servicer.mgid.com/1002277/1?pv=5&cbuster=1648233095645568285875&ogtitle=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&uniqId=0e80a&childs=1214277&lct=1647907200&niet=4g&nisd=false&jsv=es6&w=824&h=253&wrongImageSize=1&cols=3&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&sessionId=623e0a87-03be7&pageView=1&pvid=17fc25920ca84c44434&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d94a4440c39a1d6a82be26deccb1b3e91f3cfd02487783e77be0c708b45d10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f19b96fef8c6997-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 574E
6 KB
3 KB
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=18%3A31%3A35.647&lti=deflated&data=%7B%22id%22%3A869%2C%22ii%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%224baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007%22%2C%22uifp%22%3A%224baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007%22%2C%22lbt%22%3A1648117496017%2C%22vi%22%3A1648233095123%2C%22cv%22%3A%2220220324-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22vpi%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2C18287006%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ccda4da841b8ef2c4a4b3992f781f1e49de766e3f4eb09dbef8732b850ae6b9c

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
86
date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1648233096.652302,VS0,VE86
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/gazetaexpress160x600gr-r18287011/trc/3/ Frame 4580
1 KB
1 KB
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/trc/3/json?tim=18%3A31%3A35.654&lti=deflated&data=%7B%22id%22%3A368%2C%22ii%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%224baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007%22%2C%22uifp%22%3A%224baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007%22%2C%22lbt%22%3A1648117625331%2C%22vi%22%3A1648233095123%2C%22cv%22%3A%2220220324-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22vpi%22%3A%22%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A160%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A160%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287011%22%2C%22orig_uip%22%3A%2218287011%22%2C%22cd%22%3A0%2C%22mw%22%3A160%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2C18287011%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f89c3732c62f58253fc474411f7bf051f526e7c474684a90eb3b9d7582a5084

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
159
date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1648233096.663754,VS0,VE159
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
1
servicer.mgid.com/1190148/
2 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/1190148/1?w=824&h=110&wrongImageSize=1&cols=1&pv=5&cbuster=1648233095656808676955&ogtitle=Dyshohet%20se%20Koreja%20e%20Veriut%20l%C3%ABshoi%20raket%C3%ABn%20m%C3%AB%20t%C3%AB%20madhe%20t%C3%AB%205%20viteve%20t%C3%AB%20fundit%20-%20Gazeta%20Express&uniqId=12016&lct=1647907200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&sessionId=623e0a87-03be7&pageView=0&pvid=17fc25920ca84c44434&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b639e0a5a8be83f82e9bb1b0c8a520a769ec3a988f0d40aa8a23c8c769b17696

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f19b96fef926997-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
2435
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FY75M483VQ0RS4R6
x-amz-id-2
3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b9702e5e9bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
5910
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b9702e649bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzk4LHlfNDI3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9lMTc0N...
s-img.mgid.com/g/11739830/492x277/-/
47 KB
48 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739830/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzk4LHlfNDI3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9lMTc0N2RhOTcyMGVkMzg5NjIyMzk3YzE3ZmNkMTNlNy5qcGc.webp?v=1648233095-mOBkuoLwzBHZIoftY4aL0fbye6CR2rUHTmLhJj1W-EQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00d07904d0e6271ebef873c9137ac45e0b2e6b7c3c043e161fd68dc08f326c4

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid
3b34e226-e3ec-4536-b981-c01514548baf
age
387920
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97079629a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48504
server
cloudflare
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDMvNjQwLTAtZ3JpZGEtZHVtYS1sdWx6aW0tYmFzaGEtMS0zNDEtNjQweDM3NS0xLmpwZw.webp
s-img.mgid.com/l/556371/492x277/-/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDMvNjQwLTAtZ3JpZGEtZHVtYS1sdWx6aW0tYmFzaGEtMS0zNDEtNjQweDM3NS0xLmpwZw.webp?v=1648233095-YidWyN-VB1KZQo3BFVmuvcYYqHmxlir9vjcCJEGFO44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec42cccb7771c6efe498b7b7e7e673c1ad7f6002677e18868aab194307e867d5

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Sat, 19 Mar 2022 15:28:07 GMT
x-mg-request-uuid
cc17cc6b-15e1-4751-b485-3b868cdbdb0b
age
33484
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97079699a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12502
server
cloudflare
outstream.css
video-native.mgid.com/mgPlayer/css/1.11/
18 KB
3 KB
Stylesheet
General
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 15:08:40 GMT
server
nginx
etag
"4885-5cc0a12ca1c8c-gzip"
vary
Accept-Encoding
x-cached-since
2022-03-22T11:42:55+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2617
expires
Wed, 22 Mar 2023 11:42:54 GMT
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame 0ED4
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=18%3A31%3A35.718&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-a&llvl=2&id=9228&cv=20220324-4-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21015
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/
1 KB
990 B
Image
General
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
6429
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3SH1PSEVTV59CSZD
x-amz-id-2
XhfZJEMZtqNRHMPQFgf1ChgjEe5aAVOEA+stQfffi10CROCVcSfBok4n4zqXcrod+98lm0aCye8=
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b9706efa9bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
2435
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FY75M483VQ0RS4R6
x-amz-id-2
3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b9706efe9bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
5910
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f19b9706f029bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3Z...
s-img.mgid.com/g/11739864/492x277/-/
13 KB
14 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739864/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3ZDAyMzk2OWE1NjdiZDZkNjUucG5n.webp?v=1648233095-oBh6XxRmMe3lgOjO_VcuUXUf6SAqUV8e5yvEtoysK-U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
604172c3-5081-45b1-8d3b-917ff2c5af3f
age
406251
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97079649a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13774
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4M...
s-img.mgid.com/g/11739876/492x277/-/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739876/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4MTljM2ZlNzU0NTE2MDJjYjUuanBlZw.webp?v=1648233095-Krz55w0flsboz11kV1LED0Z9byOsMePZMkdNBISG0yM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd0f29b4b5495d092c10dc6b7cfba7542f00870aeb505ece7058c69f2f55db8

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
226152ff-6c69-4e72-9708-23a6d404b0b2
age
436888
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97079639a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12160
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwO...
s-img.mgid.com/g/11739845/492x277/-/
19 KB
19 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739845/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwOWZhYTcwZGQzODQxZTliMTQucG5n.webp?v=1648233095-ukQPQK2KHF451Y5ZdVd1G10dN-6tYbJ6aP4-E3ZSgt4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
75cc9747-f3e7-41c4-b4c3-d424944b5386
age
423893
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97079659a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19212
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2Z...
s-img.mgid.com/g/11739857/492x277/-/
32 KB
33 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739857/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2ZThhZGM3MTU3OWQxOTI3OTMuanBlZw.webp?v=1648233095-QzA7nyfKqY6GKNG7YwL5CYJ-c8zCMzS_x6FhukBdQ48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
38cd58e5-ea09-4839-82a0-79e636e8b0e7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97079669a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33276
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2N...
s-img.mgid.com/g/11739839/492x277/-/
11 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739839/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2NGI0NTA1MTc0ZmExNjc2YTguanBlZw.webp?v=1648233095-Cct23CFI9ZXcMXum89EoGykRqy9NZmiS4ciEXSRv8Y4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
561bda28-7dee-40ca-b38d-b614d9f5bebe
age
27032
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b97089879a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11548
server
cloudflare
mgWidget_1.11.87.es6.js
cdn.mgid.com/js/wglibs/
319 KB
64 KB
Script
General
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.87.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536bb1cf7e5e542325a3d7fbcd156fa3c495c47550b7709bd1962b02af0b3188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
6621
last-modified
Wed, 16 Mar 2022 10:31:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0KYBDWZQJ7R3Y87D
x-amz-id-2
wYvkg8oW20CsNOUdYwcUQF/LNtI8LsA+OfX1R3XyXZLGxd7mMjgNbRWF0L80Wd1DTSK5L4qZppQ=
cf-bgj
minify
server
cloudflare
etag
W/"a682ed1108bc5c40e9be1182d3660b85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6f19b9706f049bc2-FRA
expires
Sat, 26 Mar 2022 18:31:35 GMT
userx.20220324-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 574E
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20220324-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93c5e6e7d777a743592f0e4a871d7046c4b1a7cc66eef8ed5f79f2f0d2a7cc27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PEgVzq_dL4GWTNJcsnRN7la4bRIMUNu2
content-encoding
gzip
etag
"2c0a44934531d90f315db845e8dff195"
fastly-original-body-size
17869
age
20
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
DSWSDiKKrfN5gkL7wS4QZjlorKkocRlchUEi9y8gpGRdwcXjpRUya77jAkCDHsTPZBireFipnnM=
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 24 Mar 2022 10:16:54 GMT
server
AmazonS3
x-timer
S1648233096.761060,VS0,VE0
date
Fri, 25 Mar 2022 18:31:35 GMT
vary
Accept-Encoding
x-amz-request-id
YEF4N6CANEHTMD9J
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
4
i.js
cm.mgid.com/
0
91 B
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1648233095766771908945
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f19b970a8fa6997-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
kate-upton-2-0.jpg%3Fwidth%3D1200%26auto%3Dwebp%26quality%3D75
images.taboola.com/taboola/image/fetch/h_86,w_120,c_fill,g_xy_center,x_831,y_610/https%3A//static.independent.co.uk/s3fs-public/thumbnails/image/2019/12/19/07/ Frame 574E
2 KB
3 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_86,w_120,c_fill,g_xy_center,x_831,y_610/https%3A//static.independent.co.uk/s3fs-public/thumbnails/image/2019/12/19/07/kate-upton-2-0.jpg%3Fwidth%3D1200%26auto%3Dwebp%26quality%3D75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ef84fee90a05070f263c7fda2cd0c506d0c701450cfc42be2a07f8cc816cd48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
age
717289
edge-cache-tag
479848705208540556681065830451392140961,450461214793828224655582411940273428390,29ecf9b93bbf306179626feeda1fab70
cache-tag
479848705208540556681065830451392140961,450461214793828224655582411940273428390,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
183
expiration
expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_86,w_120,c_fill,g_xy_center,x_831,y_610/https%3A//static.independent.co.uk/s3fs-public/thumbnails/image/2019/12/19/07/kate-upton-2-0.jpg%3Fwidth%3D1200%26auto%3Dwebp%26quality%3D75
content-length
2488
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 27 Feb 2022 22:04:33 GMT
server
nginx
x-timer
S1648233096.778041,VS0,VE1
etag
"bdf89f62176c025216f5b1e8decad846"
x-served-by
cache-bwi5047-BWI, cache-iad-kjyo7100119-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
img_62289654401d42.89463180_01Z3NXpeRTFtlhNO20PaWd34M6DGEVgRPP8mVdn7I5jtPjHvel_tb-safe-03.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//eam-images-p.contentiq.com/ Frame 574E
3 KB
3 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//eam-images-p.contentiq.com/img_62289654401d42.89463180_01Z3NXpeRTFtlhNO20PaWd34M6DGEVgRPP8mVdn7I5jtPjHvel_tb-safe-03.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7891a0c5ddf9d2e0710fac4acfa34649708a091808411c8bc12b5bc22a4d33e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
fastly-original-body-size
2586
age
595073
edge-cache-tag
344247269036571086800012649416463837894,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
cache-tag
344247269036571086800012649416463837894,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
205
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//eam-images-p.contentiq.com/img_62289654401d42.89463180_01Z3NXpeRTFtlhNO20PaWd34M6DGEVgRPP8mVdn7I5jtPjHvel_tb-safe-03.jpg
content-length
2586
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 11 Mar 2022 18:50:50 GMT
server
nginx
x-timer
S1648233096.783405,VS0,VE1
etag
"87cee95b9b4d398da24763afaefc2045"
x-served-by
cache-wdc5527-WDC, cache-iad-kiad7000032-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1-4-768x499_1000x600_4d29f2c81c4aa806e81ef8aaf1be8b31.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 574E
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1-4-768x499_1000x600_4d29f2c81c4aa806e81ef8aaf1be8b31.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0203b0a0e930ad4f43e19276e5d61b74e1f75004b80021364df276bf491a6c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
age
1948294
edge-cache-tag
535110936973761746947810611381458002333,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
cache-tag
535110936973761746947810611381458002333,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
73
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1-4-768x499_1000x600_4d29f2c81c4aa806e81ef8aaf1be8b31.png
content-length
2858
x-request-id
a5b2edd316ce708aecb30427651b226f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 08 Feb 2022 22:55:38 GMT
server
nginx
x-timer
S1648233096.783545,VS0,VE1
etag
"add95b257f495a9488803c2eb4a5f676"
x-served-by
cache-bwi5047-BWI, cache-iad-kjyo7100155-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame 574E
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=18%3A31%3A35.795&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3129&cv=20220324-4-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20016
i-noref.js
cm.mgid.com/ Frame 8773
0
38 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1648233095796180430226
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f19b970c9346997-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
kate-upton-2-0.jpg%3Fwidth%3D1200%26auto%3Dwebp%26quality%3D75
images.taboola.com/taboola/image/fetch/h_86,w_120,c_fill,g_xy_center,x_831,y_610/https%3A//static.independent.co.uk/s3fs-public/thumbnails/image/2019/12/19/07/ Frame 574E
2 KB
3 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_86,w_120,c_fill,g_xy_center,x_831,y_610/https%3A//static.independent.co.uk/s3fs-public/thumbnails/image/2019/12/19/07/kate-upton-2-0.jpg%3Fwidth%3D1200%26auto%3Dwebp%26quality%3D75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ef84fee90a05070f263c7fda2cd0c506d0c701450cfc42be2a07f8cc816cd48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
age
717289
edge-cache-tag
479848705208540556681065830451392140961,450461214793828224655582411940273428390,29ecf9b93bbf306179626feeda1fab70
cache-tag
479848705208540556681065830451392140961,450461214793828224655582411940273428390,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
183
expiration
expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_86,w_120,c_fill,g_xy_center,x_831,y_610/https%3A//static.independent.co.uk/s3fs-public/thumbnails/image/2019/12/19/07/kate-upton-2-0.jpg%3Fwidth%3D1200%26auto%3Dwebp%26quality%3D75
content-length
2488
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 27 Feb 2022 22:04:33 GMT
server
nginx
x-timer
S1648233096.806613,VS0,VE0
etag
"bdf89f62176c025216f5b1e8decad846"
x-served-by
cache-bwi5047-BWI, cache-iad-kjyo7100119-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
img_62289654401d42.89463180_01Z3NXpeRTFtlhNO20PaWd34M6DGEVgRPP8mVdn7I5jtPjHvel_tb-safe-03.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//eam-images-p.contentiq.com/ Frame 574E
3 KB
3 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//eam-images-p.contentiq.com/img_62289654401d42.89463180_01Z3NXpeRTFtlhNO20PaWd34M6DGEVgRPP8mVdn7I5jtPjHvel_tb-safe-03.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7891a0c5ddf9d2e0710fac4acfa34649708a091808411c8bc12b5bc22a4d33e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
fastly-original-body-size
2586
age
595073
edge-cache-tag
344247269036571086800012649416463837894,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
cache-tag
344247269036571086800012649416463837894,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
205
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//eam-images-p.contentiq.com/img_62289654401d42.89463180_01Z3NXpeRTFtlhNO20PaWd34M6DGEVgRPP8mVdn7I5jtPjHvel_tb-safe-03.jpg
content-length
2586
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 11 Mar 2022 18:50:50 GMT
server
nginx
x-timer
S1648233096.806707,VS0,VE0
etag
"87cee95b9b4d398da24763afaefc2045"
x-served-by
cache-wdc5527-WDC, cache-iad-kiad7000032-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
debug
am-trc-events.taboola.com/gazetaexpress160x600gr-r18287011/log/2/ Frame 4580
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/gazetaexpress160x600gr-r18287011/log/2/debug?tim=18%3A31%3A35.830&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-a&llvl=2&id=3797&cv=20220324-4-RELEASE&lt=deflated&uuid=e517d14320d9d2392503d135063be2472952ceadaefafada94f4a60cfde49b02&dcc=1&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19159
1-4-768x499_1000x600_4d29f2c81c4aa806e81ef8aaf1be8b31.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 574E
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1-4-768x499_1000x600_4d29f2c81c4aa806e81ef8aaf1be8b31.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0203b0a0e930ad4f43e19276e5d61b74e1f75004b80021364df276bf491a6c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 25 Mar 2022 18:31:35 GMT
via
1.1 varnish, 1.1 varnish
age
1948294
edge-cache-tag
535110936973761746947810611381458002333,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
cache-tag
535110936973761746947810611381458002333,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
73
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1-4-768x499_1000x600_4d29f2c81c4aa806e81ef8aaf1be8b31.png
content-length
2858
x-request-id
a5b2edd316ce708aecb30427651b226f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 08 Feb 2022 22:55:38 GMT
server
nginx
x-timer
S1648233096.837908,VS0,VE0
etag
"add95b257f495a9488803c2eb4a5f676"
x-served-by
cache-bwi5047-BWI, cache-iad-kjyo7100155-IAD, cache-hhn4052-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220323&jk=767084410462239&bg=!q6ilqOzNAAbzJazn0yU7ACkAdvg8Wt6a5uiH8oH0dlLeHmhivYYxtRTHbbwiZTK2tei-PDI2NgHMLgIAAAB0UgAAAANoAQcKAJP7uTLjcc9Go0FgWCH90fh5UhN9NY-BfZ_vxn_5nnpdPFisCAjLV3H-6o1U1E589VPvia0TgYSKjh5Wx2HDMPYbOmZ0eGwjLS3tSF6EZLti-EjPnAK1p5koa-pRsn_ssVY_EO3OfBVVEuAERT_rPQZRmRWsNxxxBCnhc1VnR3zS3MzTQx5Ux8ZI3htNW7TbbbG3KFeZAtP3Bb7Bt17r-vXbeKOy_5UuWuUCuzTLuGc2k6XjjYEcKvb_-vJY8DiNv3_KkngnwMg0gLzG77jUPUmmkixCH8WH-iqzpILw2kRRzRErEtGM30H6Bz56MYAGM0apZ3WmLe3oamj3KxF2Wwkgwisb34dLkT6gpJ5c4nW7oKcq97dFDxPE-pNzYp6GrMoMO7kbA0MYPD9CyMjQWFfCeKiQ34x-NYo3m2KXH4DsIBEy_rxWPWwQgRDdiRw2S92dqE15tc2DRh9oAthpzWPIzR1UeJryyEPdeJ9bv8Zl-myaVgC4MVmiw3ow-zHl6AxFC-qoTVTxKPJRo5aKW8aNt0NWHztrsLz2A99Gd_caNhsEIY3QlF1lly6LsgmfQQNBRP3AherNplqzgW7WP91xV-2wFRD3igxSG_Thap-Urxt0aK5zMuhtZsuAYI45FSkHD_p_QkTzOZOOa7KrVX1EPb02-GAw74lJE3vA3m5kDGZH_xT22mLkEilyYuA7mmovMCmijMWzaZrFsf_tj3qwv8rTH3DV5QmBEl1AC9nIcIM2XbG8HCohkjANay3slxkinE6FsgJW9su3xLHOJDZ5gf2qk-5xKnxTDjA0BLImilNyoP2QTtuo4EfjRWp3y9V1jV-Q2om0ot-Be8JDYKTA1ZlQYpRhlZpWh-avVR8nPRC7Ofpei3s4sSCOL_90m3IoDQogq5kd3aD_R12ov4GX4jaQppfzmxajx496VYPnKpvPbdISpqSD3Ep_K5WPRBuLqy-v22HknFfPMjpTFxjSfp8Q7I3722dGpn-kIGIGq4KVa1vxZ5Z-vwU-DonJG4heHFaATq39bzzHcRsgLTFVM6_FNMPyOQDSksQv4aVLUnZO7guVkbGLWvSA1imSK-1wMB-POZHP6jWIxaaWdn53xUSqBzQdQYzqLZ-3u4_cQqIO6kjKSKueAcM-HZ6HrJN3BGoGcVBS8a8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

1
servicer.mgid.com/1000638/ Frame 79F3
1 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/1000638/1?w=0&h=-1&wrongImageSize=1&maxw_1=0&maxh_1=0&cols=1&pv=5&cbuster=1648233095872329295066&uniqId=11331&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fdyshohet-se-koreja-e-veriut-leshoi-raketen-me-te-madhe-te-5-viteve-te-fundit%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&sessionId=623e0a87-03be7&pageView=0&pvid=17fc25920ca84c44434&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78b6eacf2d3d7dbbbb8376b06fd8e2ae781e0be6f339224fc37196a66232716

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f19b97139209bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
spt
tg1.aniview.com/api/adserver/
16 KB
5 KB
Script
General
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62275f105b58c742646fbf76&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1002277&AV_CDIM5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&AV_CDIM6=11
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.87.es6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:4ab::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ee190fba510a680f2be53182c43b9c8238bb2b1f92a4907275c1eba61bd91d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 18:31:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4615
Expires
Fri, 25 Mar 2022 18:36:36 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2EyYWI2YmE4ZmJiNDI0Z...
s-img.mgid.com/g/11739873/492x277/-/ Frame 79F3
20 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/11739873/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2EyYWI2YmE4ZmJiNDI0ZTVkOWFiYTRkYzIxZGVkMjAucG5n.webp?v=1648233095-djInDqX0urv7RwIcbyHwKskUHl687bh7BPPzRH5JoOo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26cf4453783f0965a47a2281abec28445f27f8ff34d33dd47528706dd4de10bb

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid
07536391-2191-49fe-b59e-70e420aefc10
age
24643
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f19b971ae6191f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20262
server
cloudflare
i.js
cm.mgid.com/ Frame 79F3
0
229 B
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1648233095951637271763
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f19b971ba649bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 92A4
0
229 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1648233095967464495676
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f19b971da9f9bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
graphql
s333.adxpremium.services/
84 B
533 B
XHR
General
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash
02213e2aa607820897b9836c2456601304d19c46b4f4b75d35bb20dc7cf4efe6

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
84
graphql
s333.adxpremium.services/ Frame
0
0
Preflight
General
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
0
player.js
player.aniview.com/script/6.1/
26 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62275f105b58c742646fbf76&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1002277&AV_CDIM5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&AV_CDIM6=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:495::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
eeead248868138b8e6f49f895e81497fbcef0d3a402b7ba997553ac211b448f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdts5dAcnbXzSBzslBlT13wGXTIkrw9-niVbPUAD829hh4PUINdmiOf9UH8gQw1G4kIA99mK3gpjyme3fKYEtmQzUyAobQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9411
last-modified
Wed, 23 Mar 2022 07:00:06 GMT
server
UploadServer
etag
"3e22639e49625f151a5d6165ee48cd54"
vary
Accept-Encoding
x-goog-hash
crc32c=SgaS2A==, md5=PiJjnkliXxUaXWFl7kjNVA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018806813075
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9411
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 25 Mar 2022 18:36:36 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?pid=59f9ead1073ef4627e1810fd&cid=62275ecce36d7d10c0062e14&cb=1648233096024&r=www.gazetaexpress.com&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&e=playerLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.33.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-33-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/
43 B
361 B
Image
General
Full URL
https://c.mgid.com/vs/?tid=0&iid=1002277&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22cd40afff-ac69-11ec-8470-e43d1a2a96ea%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=49477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f19b9723b679bc2-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AVmanager.js
player.aniview.com/script/6.1/ Frame EFBD
364 KB
103 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:495::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt_O1h73aL4_BVK-PcLoJZsu1xpVaz37c0VSswrNiy1F5_ikaGNNBWwB1zvHmsg9bdriZHoJqbfEGYE2wApk2aZSx-qmw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104575
last-modified
Wed, 23 Mar 2022 06:59:54 GMT
server
UploadServer
etag
"02948485f0faba4c05b4a0eb92dd6f40"
vary
Accept-Encoding
x-goog-hash
crc32c=uG63EQ==, md5=ApSEhfD6ukwFtKDrkt1vQA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018794693190
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104575
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 25 Mar 2022 18:36:36 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.gazetaexpress.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&cd6=11&ic=0&tgt=0&app=&wi=416&he=234&test=&d36=6.2.12&apppkg=&fv=3&proto=https&pid=59f9ead1073ef4627e1810fd&cid=62275ecce36d7d10c0062e14&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&e=inventory&vi=0&cb=1648233096298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.33.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-33-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame BE27
0
263 B
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233096.315944,VS0,VE10
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame BE27
254 B
752 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11828
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1648233096.315944,VS0,VE0
date
Fri, 25 Mar 2022 18:31:36 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
31
x-cache-hits
1633
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/
4 KB
2 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62275f105b58c742646fbf76&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1002277&AV_CDIM5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&AV_CDIM6=11&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&AV_CHANNELID=62275ecce36d7d10c0062e14&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gazetaexpress.com&AV_DADPOS=3&AV_TAG=62275f105b58c742646fbf76&AV_TEMPLATE=621dfaa1d69de723ea304de6&d36=6.2.12&responsive=1&sver=2&avtoken=96298&AV_WIDTH=416&AV_HEIGHT=234&AV_DNT=0&cb=1648233096327
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.191.202 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-191-202.compute-1.amazonaws.com
Software
/
Resource Hash
3bc6c15887a94c5f1fb3636f77d03d5d974cc64286e1da561a76e81c624b4a12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 14 Mar 2022 04:44:56 GMT
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame E767
0
60 B
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233096.467875,VS0,VE9
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame E767
254 B
325 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11828
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1648233096.498143,VS0,VE0
date
Fri, 25 Mar 2022 18:31:36 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
31
x-cache-hits
1634
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3954
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 46CD
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame F4A3
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
syncframe
gum.criteo.com/ Frame AB40
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2211
date
Fri, 25 Mar 2022 18:31:35 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3954
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame F4A3
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B783
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
cookiesyncendpoint
sync.aniview.com/ Frame F749
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D200%26key%3D%5BRX_UUI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D200%26key%3D%5B...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808739352
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808739352
  • https://sync.1rx.io/usersync/tradedesk/7e89805f-04b7-4e2b-8cfa-c54933b2408f
  • https://sync.targeting.unrulymedia.com/csync/RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=200&key=RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
0
250 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=200&key=RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-length
0

Redirect headers

server
Tengine
date
Fri, 25 Mar 2022 18:31:37 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=200&key=RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
etag
RX3e1a45fc7aa24430878a3cf7548d5430003
services
sync.technoratimedia.com/ Frame 895E
0
0
Document
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1648233096591-973059860284-006493-003-001690&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.148.45.191 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
nginx
date
Fri, 25 Mar 2022 18:31:36 GMT
access-control-allow-origin
https://www.gazetaexpress.com/
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
429627720
age
0
via
1.1 varnish
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A734
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=54289
expires
Sat, 26 Mar 2022 09:36:25 GMT
date
Fri, 25 Mar 2022 18:31:36 GMT
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 77B7
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Fri, 25 Mar 2022 18:31:36 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
X-Sovrn-Pod
ad_ap1ams1
cookiesyncendpoint
sync.aniview.com/ Frame 8974
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=56&pid=59c9148628a0612da3689288&key=246b90a4-6770-45ab-8d47-deb35fcdc403
0
240 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=56&pid=59c9148628a0612da3689288&key=246b90a4-6770-45ab-8d47-deb35fcdc403
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-length
0

Redirect headers

location
https://sync.aniview.com/cookiesyncendpoint?auid=1648233096591-973059860284-006493-003-001690&biddername=56&pid=59c9148628a0612da3689288&key=246b90a4-6770-45ab-8d47-deb35fcdc403
content-length
0
date
Fri, 25 Mar 2022 18:31:36 GMT
server
_
occ
ups.analytics.yahoo.com/ups/58543/ Frame B7DE
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age
0
server
ATS/9.1.0.33
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=13856&t=1648233096&cip=193.27.14.43&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=416&he=234&app=&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&test=&aafaid=&proto=https&uid=1648233096591-973059860284-006493-003-001690&cha=0.05&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&d36=6.2.12&cb=33108167798&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&cd6=11&d9=1000&d37=realtime&AV_WIDTH=416&AV_HEIGHT=234&nid=59f9ead1073ef4627e1810fd&ncid=62275ecce36d7d10c0062e14&e=request&cb=1648233096700&asid=6229d4dfd3bc6e16fa5d1b29%2C622a1d32a6d5b742d87b76f5&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.33.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-33-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
29019650
ads.stickyadstv.com/vast/vpaid-adapter/
1002 B
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/29019650
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
181bd2954599344d15b66152f42494eb491f941e5b76dcf8c563258d25c29793

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:36 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1002
x-sticky-vk
1648233096833014-373
Expires
Fri, 25 Mar 2022 18:31:36 GMT
/
vpaid.impactify.media/
851 B
1000 B
XHR
General
Full URL
https://vpaid.impactify.media/?appId=gazetaexpress.com&style=impact&cbb=8233096699
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
432df4694f253980a289d80298ba613964121aadb94c34ac585281f4858bc0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Fri, 25 Mar 2022 18:31:36 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
851
content-type
text/xml; charset=utf8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 46CD
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 12E9
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 593B
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 0ED4
0
60 B
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233097.743586,VS0,VE12
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B783
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
sid
mug.criteo.com/ Frame AB40
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Ho2uQXwwUXp1WGZ5TC9ZS0I1ZzhoYWY2Z2FZdHVLMjFXWTlrK3NaUC81WUJCOTlTOTFuZGpsUGhJZlM3YVJUcXhPajM1aEV6ekRpMitoc0lDZVd1SENJNGdsQURpUkVVa3F4K1FTcWdLZ1hxNkYyWmlWS0FDUnNBUm9FSH...
417 B
630 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Ho2uQXwwUXp1WGZ5TC9ZS0I1ZzhoYWY2Z2FZdHVLMjFXWTlrK3NaUC81WUJCOTlTOTFuZGpsUGhJZlM3YVJUcXhPajM1aEV6ekRpMitoc0lDZVd1SENJNGdsQURpUkVVa3F4K1FTcWdLZ1hxNkYyWmlWS0FDUnNBUm9FSHdORGpJdVRHeEtBdUhXSERzVUt2V0tkRTRvNXdTV3M0dStubW9scmtBYUl2aC9NSkxKR3hrQkZFVzF4MXhpOTJQbG8wYzBEM3dqZXgxTktzazRUQ3NUWEpuY0RVUGxZa0s2eFhqOXJnN3hEcmhYNm1oaVRyYjdENTIzWFJzTWZKeU82cEhhaTVLNUJ4a3hnMlAveTlmdThrcXFpYy8vZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3651a792d236023d5804a0083f1f7f3df7cd2e37a21024df31b73fb1e079e981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3250
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Ho2uQXwwUXp1WGZ5TC9ZS0I1ZzhoYWY2Z2FZdHVLMjFXWTlrK3NaUC81WUJCOTlTOTFuZGpsUGhJZlM3YVJUcXhPajM1aEV6ekRpMitoc0lDZVd1SENJNGdsQURpUkVVa3F4K1FTcWdLZ1hxNkYyWmlWS0FDUnNBUm9FSHdORGpJdVRHeEtBdUhXSERzVUt2V0tkRTRvNXdTV3M0dStubW9scmtBYUl2aC9NSkxKR3hrQkZFVzF4MXhpOTJQbG8wYzBEM3dqZXgxTktzazRUQ3NUWEpuY0RVUGxZa0s2eFhqOXJnN3hEcmhYNm1oaVRyYjdENTIzWFJzTWZKeU82cEhhaTVLNUJ4a3hnMlAveTlmdThrcXFpYy8vZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2757
content-length
541
expires
0
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 574E
0
259 B
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233097.830971,VS0,VE12
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 574E
0
59 B
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233097.835633,VS0,VE9
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 574E
254 B
761 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11829
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1648233097.839761,VS0,VE0
date
Fri, 25 Mar 2022 18:31:36 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
31
x-cache-hits
1635
syncframe
gum.criteo.com/ Frame 0971
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4846
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
PugMaster
image6.pubmatic.com/AdServer/ Frame A734
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21359728&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648233096591-973059860284-006493-003-001690%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
0
bulk
trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/ Frame 4580
0
61 B
XHR
General
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
13
pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1648233097.885797,VS0,VE13
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=13856&t=1648233096&cip=193.27.14.43&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=416&he=234&app=&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&test=&aafaid=&proto=https&uid=1648233096591-973059860284-006493-003-001690&cha=0.05&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&d36=6.2.12&cb=33108167798&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&cd6=11&d9=1000&d37=realtime&AV_WIDTH=416&AV_HEIGHT=234&nid=59f9ead1073ef4627e1810fd&ncid=62275ecce36d7d10c0062e14&e=bid&cb=1648233096896&asid=622a1d32a6d5b742d87b76f5%2C6229d4dfd3bc6e16fa5d1b29&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.33.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-33-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
loader.js
ad.impactify.io/static/ad/vpaid/ Frame 5266
10 KB
3 KB
Script
General
Full URL
https://ad.impactify.io/static/ad/vpaid/loader.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b053dde159f22e07f8e61fb45db7f84b5a71824db82684c5a8f8313332c127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3338
x-amz-request-id
53ZT2FJT8550M3HT
x-amz-id-2
MWcbOlFy3c6fhRkNAUBqXgOtOpqT7LU7D9Y43LFroN53JmcPcFgAWu8BIwKbVORudx3ebWtDxtc=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"da7555fdf0391e91d6fba03a89461caa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
dWeqBcVwbtJqeIdgkzTGoK6Uo7hEQ.V6
cf-ray
6f19b97868d80219-ZRH
expires
Fri, 25 Mar 2022 19:31:37 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 0000
337 KB
114 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 18:31:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1648233097.dop133.fr8.t,1648233097.cds133.fr8.shn,1648233097.cds133.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116304
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CC05
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Mar 2022 18:31:36 GMT
syncframe
gum.criteo.com/ Frame AA32
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3655
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame 2731
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3951
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame 9E24
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3257
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame 5A59
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4286
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame EDB0
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3399
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
beacon
ap.lijit.com/ Frame E280
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13396601
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Fri, 25 Mar 2022 18:31:37 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod
ad_ap1ams1
usync.html
eus.rubiconproject.com/ Frame F269
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 25 Mar 2022 18:31:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 6A4F
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Fri, 25 Mar 2022 18:31:37 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5968
Expires
Fri, 25 Mar 2022 19:31:37 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6f19b9789ea090b2-FRA
Content-Encoding
gzip
sid
mug.criteo.com/ Frame 0971
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=9uyQVnwxYTB3cXFCd2VWanIwVnJQR1AxQmNsV1p5R2tiVThGcFZSenlOVXNYTUlzWS9mT21sT0swc1RIdGVHaHZSYThhL284V0ROTExrUzEvYkR1aUcrMUNtNDNFL2JvTVYvWTFQQUdvWnFPQ1Y0cFpRWkh6Z05GaUMvU2...
420 B
630 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=9uyQVnwxYTB3cXFCd2VWanIwVnJQR1AxQmNsV1p5R2tiVThGcFZSenlOVXNYTUlzWS9mT21sT0swc1RIdGVHaHZSYThhL284V0ROTExrUzEvYkR1aUcrMUNtNDNFL2JvTVYvWTFQQUdvWnFPQ1Y0cFpRWkh6Z05GaUMvU2ducVhBK2gzaGdSeHEwanlIbHZCaUNuY0xsT3hnRWx4SnNpaW9tbnNwV3o2NGlvVW9oSVordTRmSTREcDFOTjI5dGRhcDFIQVF2aGZxWm91UjZtZHUvZWFJalVtcHdzUzR3cEpqZ3l1ZmNUOU9vU2FJeVBPYkUxa0tvUXl1bjBPOWdDSWRRZzhsQWg1OVVvTXZlQjlDY0N4WEd3V2FlQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
11c79c103b09f98ca5d7d06579941707719e64a8aecd24b3d474f871b5e130de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3671
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=9uyQVnwxYTB3cXFCd2VWanIwVnJQR1AxQmNsV1p5R2tiVThGcFZSenlOVXNYTUlzWS9mT21sT0swc1RIdGVHaHZSYThhL284V0ROTExrUzEvYkR1aUcrMUNtNDNFL2JvTVYvWTFQQUdvWnFPQ1Y0cFpRWkh6Z05GaUMvU2ducVhBK2gzaGdSeHEwanlIbHZCaUNuY0xsT3hnRWx4SnNpaW9tbnNwV3o2NGlvVW9oSVordTRmSTREcDFOTjI5dGRhcDFIQVF2aGZxWm91UjZtZHUvZWFJalVtcHdzUzR3cEpqZ3l1ZmNUOU9vU2FJeVBPYkUxa0tvUXl1bjBPOWdDSWRRZzhsQWg1OVVvTXZlQjlDY0N4WEd3V2FlQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1677
content-length
541
expires
0
syncframe
gum.criteo.com/ Frame C707
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4664
date
Fri, 25 Mar 2022 18:31:36 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame AA32
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElx...
  • https://mug.criteo.com/sid?cpp=pBZ5THx1SmF6ekNvVnRFQVlzRSt5L0duZU9TMHdSRDVnd3M2bFpmSE0zdlRqY0FNZkdhdUdOUy9jdXFrczRkYmNQL2U1cWdvdmJNVFRreVJqcHlyRncyZmhhNWUybVR0Ri85b3hremFqMVU4clpoRk1FanJ2V2h5NlYzTk...
425 B
628 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=pBZ5THx1SmF6ekNvVnRFQVlzRSt5L0duZU9TMHdSRDVnd3M2bFpmSE0zdlRqY0FNZkdhdUdOUy9jdXFrczRkYmNQL2U1cWdvdmJNVFRreVJqcHlyRncyZmhhNWUybVR0Ri85b3hremFqMVU4clpoRk1FanJ2V2h5NlYzTktpcjB0dDEzS0FpdENKSTNtUnZZa0hxUU1GSG8zdHN0Ujc5TXRETnA3dGhyQ0FXRE9GTUdhWXBtcXZLYmw0N25hRC9yQlR0ZnhJM0RBRU52SXpUQm5Hcm1BT29FR01TRkdZamVhazVFL3VITUhVNTMxc0lZQVVISDFSUUc5ZEpQNnNjQkF0d0k0ZXJ5MUFhck5WZDdWbUEvOUxZaC9SWDArdndXZlRiVWZGeTQ5S2d6QVYxYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
64329067b7d4e60ecc7eac4aab6ea16033ed45d7d37f0052f7fab3b3e3a8285b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3275
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=pBZ5THx1SmF6ekNvVnRFQVlzRSt5L0duZU9TMHdSRDVnd3M2bFpmSE0zdlRqY0FNZkdhdUdOUy9jdXFrczRkYmNQL2U1cWdvdmJNVFRreVJqcHlyRncyZmhhNWUybVR0Ri85b3hremFqMVU4clpoRk1FanJ2V2h5NlYzTktpcjB0dDEzS0FpdENKSTNtUnZZa0hxUU1GSG8zdHN0Ujc5TXRETnA3dGhyQ0FXRE9GTUdhWXBtcXZLYmw0N25hRC9yQlR0ZnhJM0RBRU52SXpUQm5Hcm1BT29FR01TRkdZamVhazVFL3VITUhVNTMxc0lZQVVISDFSUUc5ZEpQNnNjQkF0d0k0ZXJ5MUFhck5WZDdWbUEvOUxZaC9SWDArdndXZlRiVWZGeTQ5S2d6QVYxYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2038
content-length
567
expires
0
sid
mug.criteo.com/ Frame 2731
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElx...
  • https://mug.criteo.com/sid?cpp=gX2it3wxRERURFMwSW5OeHpDdXhJSzBvdWhlMkRaRjhGZHhtSk1JQkJJbHlBV044Tm9tUTVZa0RrdEVuWDBIVTBYSzB0ZmRydWdYY2QzaklVNkN6NVlxWkJDQkpPbW1wWnd6OHhYMWV3UkJIcGk1VGRTTHJEOFBlNjNLMF...
438 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=gX2it3wxRERURFMwSW5OeHpDdXhJSzBvdWhlMkRaRjhGZHhtSk1JQkJJbHlBV044Tm9tUTVZa0RrdEVuWDBIVTBYSzB0ZmRydWdYY2QzaklVNkN6NVlxWkJDQkpPbW1wWnd6OHhYMWV3UkJIcGk1VGRTTHJEOFBlNjNLMFp6eFNlMWtPWEJKa1F3QlFaZXpiQVZWRTRGRGg1UFg2TFc5UlM1ZGhPbTkxWlNySkVvZzRnc2dMNlQ0VzFPVzBnNnl2NWU3R0tzRENidVMreXpqOGRXQm54aCtUU1VmZVVEL1g4dUtFdWhjSnl0dGdkK3l1UUNYRCtzakhwV0tTZjBKSXpWdDh4cXc0RC9VUFZlVHZBQlJMWXB5R01XZjk4OEI3MGpHNmRyMUtIb3JIY2wwRT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b35bbb04a24d69878956e56c2d84d2b94eb79bf58854efcd56939446d0c03d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3341
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=gX2it3wxRERURFMwSW5OeHpDdXhJSzBvdWhlMkRaRjhGZHhtSk1JQkJJbHlBV044Tm9tUTVZa0RrdEVuWDBIVTBYSzB0ZmRydWdYY2QzaklVNkN6NVlxWkJDQkpPbW1wWnd6OHhYMWV3UkJIcGk1VGRTTHJEOFBlNjNLMFp6eFNlMWtPWEJKa1F3QlFaZXpiQVZWRTRGRGg1UFg2TFc5UlM1ZGhPbTkxWlNySkVvZzRnc2dMNlQ0VzFPVzBnNnl2NWU3R0tzRENidVMreXpqOGRXQm54aCtUU1VmZVVEL1g4dUtFdWhjSnl0dGdkK3l1UUNYRCtzakhwV0tTZjBKSXpWdDh4cXc0RC9VUFZlVHZBQlJMWXB5R01XZjk4OEI3MGpHNmRyMUtIb3JIY2wwRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2046
content-length
567
expires
0
sid
mug.criteo.com/ Frame 9E24
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElx...
  • https://mug.criteo.com/sid?cpp=hunKqXxjUUF3UTBmeDhmSTRmNVUvYlFBVnl2Y3Q2OFBFYWQ2alh4Qm42YXQwZEJ6WnJTS3JYb05hR2NxRWt4Z2E3SW54aUlvN3ZxbFRIK200QWZxaC90Q0ZGdnVoMXAxMjFPZGlSbjBDYlZVeno2UmFYeDRuNHg5TVAzNm...
433 B
631 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=hunKqXxjUUF3UTBmeDhmSTRmNVUvYlFBVnl2Y3Q2OFBFYWQ2alh4Qm42YXQwZEJ6WnJTS3JYb05hR2NxRWt4Z2E3SW54aUlvN3ZxbFRIK200QWZxaC90Q0ZGdnVoMXAxMjFPZGlSbjBDYlZVeno2UmFYeDRuNHg5TVAzNmtLT3FpcCtYbXI0QSszbnlxc21jYXFrVWVaK0VNVmNiajNXWWYrWld1dGxjNVNRNDNtSE0zaFBVMGlYOU9CM3l4eloxVEU2Y3ZjYXRBZWRjeUljNkhjRDB5U2Q5bWJpSTg5TWZKOTdUUTRLTTNMKzg4bFRGa3NkdHh2M2JibDkvK21jdzE4Vm51ekdRWGw3eEQ3NElqZGlaS25pM1Uvb1FCUVRWVG5iUURDMEUwaGF3Rmhraz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
61730ef35c1ea5bdd7e2730cc7a1f155e30220db0cffc7e8945a75143c3c968c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3199
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=hunKqXxjUUF3UTBmeDhmSTRmNVUvYlFBVnl2Y3Q2OFBFYWQ2alh4Qm42YXQwZEJ6WnJTS3JYb05hR2NxRWt4Z2E3SW54aUlvN3ZxbFRIK200QWZxaC90Q0ZGdnVoMXAxMjFPZGlSbjBDYlZVeno2UmFYeDRuNHg5TVAzNmtLT3FpcCtYbXI0QSszbnlxc21jYXFrVWVaK0VNVmNiajNXWWYrWld1dGxjNVNRNDNtSE0zaFBVMGlYOU9CM3l4eloxVEU2Y3ZjYXRBZWRjeUljNkhjRDB5U2Q5bWJpSTg5TWZKOTdUUTRLTTNMKzg4bFRGa3NkdHh2M2JibDkvK21jdzE4Vm51ekdRWGw3eEQ3NElqZGlaS25pM1Uvb1FCUVRWVG5iUURDMEUwaGF3Rmhraz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1768
content-length
567
expires
0
sid
mug.criteo.com/ Frame 5A59
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElx...
  • https://mug.criteo.com/sid?cpp=NCLNKHwxdEVJeW1SUklKTnVPbEN0RUtmQW4yNk80b1BmaHVmaTJta05WZVN1azREQlMwMWpIakQ2c3VOc3ZZVExDL0lpRnZUa3VzSjRxRVZYVlk0cytiSGpqcUZQUEVsaTRzWXRXeXRCQkEra08xcDVpcGViNS9ZdHR4cT...
422 B
626 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=NCLNKHwxdEVJeW1SUklKTnVPbEN0RUtmQW4yNk80b1BmaHVmaTJta05WZVN1azREQlMwMWpIakQ2c3VOc3ZZVExDL0lpRnZUa3VzSjRxRVZYVlk0cytiSGpqcUZQUEVsaTRzWXRXeXRCQkEra08xcDVpcGViNS9ZdHR4cTVCYW9qZ0ZJcG93ZzM3TXN5Y1kram12SmtTN2FRRUlXRVpPelVvYjYyOStkR09Xc2ZoSEh0VmNCaU5PeDZXOUYzOERXVDVVMHVtMVhDV0FGMjhWTUNDZ2daRTBTcDFFUnhIM2E5QkY1TFZBcnd6dDRrNmVzSW9YSXRydlZ0cVZET1Q5cFM5ZzNBZ0pibmh3ZEFmbmtKUVlXWEpyQUp6WWxsMzZ3bHFmeTYyTTNVcTI0REh3ST18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5cf71daef1877870a1d021c713733b66aac2c09e11a7ebe0ca11371f94a2b04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4136
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=NCLNKHwxdEVJeW1SUklKTnVPbEN0RUtmQW4yNk80b1BmaHVmaTJta05WZVN1azREQlMwMWpIakQ2c3VOc3ZZVExDL0lpRnZUa3VzSjRxRVZYVlk0cytiSGpqcUZQUEVsaTRzWXRXeXRCQkEra08xcDVpcGViNS9ZdHR4cTVCYW9qZ0ZJcG93ZzM3TXN5Y1kram12SmtTN2FRRUlXRVpPelVvYjYyOStkR09Xc2ZoSEh0VmNCaU5PeDZXOUYzOERXVDVVMHVtMVhDV0FGMjhWTUNDZ2daRTBTcDFFUnhIM2E5QkY1TFZBcnd6dDRrNmVzSW9YSXRydlZ0cVZET1Q5cFM5ZzNBZ0pibmh3ZEFmbmtKUVlXWEpyQUp6WWxsMzZ3bHFmeTYyTTNVcTI0REh3ST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2082
content-length
567
expires
0
sid
mug.criteo.com/ Frame EDB0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElx...
  • https://mug.criteo.com/sid?cpp=a7hctHxJNWpCcE45V1R2OEkzQkY2bU9lVlRpZzFCT3pjbFF5c2JQMTFNblZHbXJybTFINHNtZzBDbjRSNmxNa1F4Z0dCbk9MTGNOWFVIZVQrNXlxQzhBM3ZBWDVvZ3psWlB4aWRBWE5TZmFHVzhBaUlxVjZZZGd0QVV5a3...
446 B
638 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=a7hctHxJNWpCcE45V1R2OEkzQkY2bU9lVlRpZzFCT3pjbFF5c2JQMTFNblZHbXJybTFINHNtZzBDbjRSNmxNa1F4Z0dCbk9MTGNOWFVIZVQrNXlxQzhBM3ZBWDVvZ3psWlB4aWRBWE5TZmFHVzhBaUlxVjZZZGd0QVV5a3UvQ0thWjhJQ3M4eitGcHFWVUw5WW9URWc0Mk13TTl0eGY4UlZvVjBGVE9aSWNiVjRDY1Uxd1BzcWdOVHVxc3dkOWc4dXRMOWllWlhOZmpSS3p4NTB2M0VmSElzeWFCR3g1RG8yQkFoRThuZ21XZUI1RFdkejhJWmd1QTgxWVYxTHBIbit4S2E3ZVVIMHZ1TkN3b1BkWmovZ3RKOHhHMW5xYkNPVEJCTnl1Z3pLVllSTGlaaz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
711d5405a85d5463eb732e8624acb40ce6e5a07f627c65d374ecb65a64183f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3892
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=a7hctHxJNWpCcE45V1R2OEkzQkY2bU9lVlRpZzFCT3pjbFF5c2JQMTFNblZHbXJybTFINHNtZzBDbjRSNmxNa1F4Z0dCbk9MTGNOWFVIZVQrNXlxQzhBM3ZBWDVvZ3psWlB4aWRBWE5TZmFHVzhBaUlxVjZZZGd0QVV5a3UvQ0thWjhJQ3M4eitGcHFWVUw5WW9URWc0Mk13TTl0eGY4UlZvVjBGVE9aSWNiVjRDY1Uxd1BzcWdOVHVxc3dkOWc4dXRMOWllWlhOZmpSS3p4NTB2M0VmSElzeWFCR3g1RG8yQkFoRThuZ21XZUI1RFdkejhJWmd1QTgxWVYxTHBIbit4S2E3ZVVIMHZ1TkN3b1BkWmovZ3RKOHhHMW5xYkNPVEJCTnl1Z3pLVllSTGlaaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2043
content-length
567
expires
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 0000
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1648233097138
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 18:31:37 GMT
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1648233097.dop222.fr8.t,1648233097.cds138.fr8.shn,1648233097.cds138.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=53fbe05a95f96eae916d8b291cfa2a1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1cbf_7079107247800128289
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTNmYmUwNWE5NWY5NmVhZTkxNmQ4YjI5MWNmYTJhMQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKh5W09xj6txYJlprSxS6f8&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7e89805f-04b7-4e2b-8cfa-c54933b2408f
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAFP3k7EfBUAADGGSuPXPA&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/53fbe05a95f96eae916d8b291cfa2a1?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-QAnW7LlE2oNXHS41UqsWdXhT2qv5.E9QRQOyhYt8~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=AXNwAGsA1NxOIO5
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Protocol
HTTP/1.1
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:39 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-3
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1648233098880060-358
Expires
Fri, 25 Mar 2022 18:31:38 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 0000
380 B
940 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=29019650&loc=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
24819ef56f58598a9fc6008af121cd01a446a167d6347ecc1cfd8573544d4c75

Request headers

Accept
application/xml, text/xml
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:37 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
380
x-sticky-vk
1648233097069096-345
Expires
Fri, 25 Mar 2022 18:31:37 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0000
67 B
725 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=29019650&vav=807f178ffe457419a206c75071b85309&vaviv=c8086cb18c951ee6542dffd0b031abe2&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.3.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&playerSize=416x234&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1648233097119090-387
Expires
Fri, 25 Mar 2022 18:31:37 GMT
tag.js
ad.impactify.io/static/ad/v5-1.7.3/ Frame 5266
3 KB
2 KB
Script
General
Full URL
https://ad.impactify.io/static/ad/v5-1.7.3/tag.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/vpaid/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
510176b9d8a0b82945b7bef32173f64c7e95580d03a9776dca69e5258b9b49c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3322
x-amz-request-id
53ZNEB21QMA12KG9
x-amz-id-2
RFcK3vRv2nMT6jmN/vD1WtVeKKn8cdzeN1+yJ4Yv9TJp4cu7RKR4xeK3JK64PJnn2Hyg+jxigUk=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"19f469a19b04cd39517920c9254cbbd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
YdDoVpa.SuNsPLRifZasRD03h8JXm2_S
cf-ray
6f19b9798a4e0219-ZRH
expires
Fri, 25 Mar 2022 19:31:37 GMT
sid
mug.criteo.com/ Frame C707
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=3&topUrl=www.gazetaexpress.com&bundle=qWnAol9pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjgxbVdNVXBPYzFZMmJPZElx...
  • https://mug.criteo.com/sid?cpp=nqI0Znw3TGdhdlR2S1pmekEyZG1LV0p1V2YwK1M4NHpETGQ3cXhsbjRDQUlwTkhjMy9oSWozTENsT1ZJL2FZSS9LTVNFU1N4Tnl6MUhjTmRCRWZiRk5GeHNWaGNXc1JFSEFXQldaa08vcUlsTGFhRFdCSUt5Ky8xbHZrQ0...
436 B
636 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=nqI0Znw3TGdhdlR2S1pmekEyZG1LV0p1V2YwK1M4NHpETGQ3cXhsbjRDQUlwTkhjMy9oSWozTENsT1ZJL2FZSS9LTVNFU1N4Tnl6MUhjTmRCRWZiRk5GeHNWaGNXc1JFSEFXQldaa08vcUlsTGFhRFdCSUt5Ky8xbHZrQ0hIM2dCc0VYaDVMUlZ4bGt5cmE2OHh6MDRMVW9ZNlhHQ2w0aDJlMHRLRjByb0JTcnNySzNXVys3YllaRnFISWRWZVhhU005Y0M2TXdUZkV0eXZaaHVlVEtXaklWNDFHK2ZGQ2x6Rkh4bS9Zcm9NS3Vzd0dZcVhqaUVIR0JZUDhyLzZIZ0tadFZZNlUrM0YwR0l5VVk1M3RKRzlQNEpwcjFObE5lbGZ1N3FkVTFPRWxUYUxaND18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9e694ddeb16c3964767c2abd6886eb9f95fda4af9d66bfd5fd732a408c82214e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4058
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=nqI0Znw3TGdhdlR2S1pmekEyZG1LV0p1V2YwK1M4NHpETGQ3cXhsbjRDQUlwTkhjMy9oSWozTENsT1ZJL2FZSS9LTVNFU1N4Tnl6MUhjTmRCRWZiRk5GeHNWaGNXc1JFSEFXQldaa08vcUlsTGFhRFdCSUt5Ky8xbHZrQ0hIM2dCc0VYaDVMUlZ4bGt5cmE2OHh6MDRMVW9ZNlhHQ2w0aDJlMHRLRjByb0JTcnNySzNXVys3YllaRnFISWRWZVhhU005Y0M2TXdUZkV0eXZaaHVlVEtXaklWNDFHK2ZGQ2x6Rkh4bS9Zcm9NS3Vzd0dZcVhqaUVIR0JZUDhyLzZIZ0tadFZZNlUrM0YwR0l5VVk1M3RKRzlQNEpwcjFObE5lbGZ1N3FkVTFPRWxUYUxaND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2243
content-length
567
expires
0
usync.js
eus.rubiconproject.com/ Frame F269
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5c6915f027ebf093ba4af5b8017df0d62eaff9fb7283a5e7965a5950289dfc57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 18:31:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44701
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Sat, 26 Mar 2022 06:56:38 GMT
screen.js
ad.impactify.io/static/ad/v5-1.7.3/
236 KB
76 KB
Script
General
Full URL
https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08d78617316b2b9ed4a3726b8fb1e8d74162fcac6cfe467e767bd7eff138ae9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3456
x-amz-request-id
DY8ZFYN79T8JHAYA
x-amz-id-2
Nemh7f7PJoQowiDWOol+aV5GzgfJitk69O2DXgsNpfwCRVM/UfFs7jJolKHFf2dC8PH1Q96Tgfg=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"7fa312f400b87ea15d27e706509f3c88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
gq9lhPaidi2xEGNc3YugUyThxpO_Ee7V
cf-ray
6f19b979dac50219-ZRH
expires
Fri, 25 Mar 2022 19:31:37 GMT
cds-pips.js
cdn.taboola.com/scripts/ Frame BE27
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
fastly-original-body-size
911
age
2069
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1648233097.256685,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
3714
eid.js
cdn.taboola.com/scripts/ Frame BE27
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
10270
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4052-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1648233097.257197,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
14676
/
pips.taboola.com/ Frame BE27
64 B
244 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ba0ceb2aa6d6c75e40beba91061254f13bd1a3c6b568fc2c02131be8573d3116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6955-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
loader.json
dvr.impactify.io/gazetaexpress.com/
4 KB
2 KB
XHR
General
Full URL
https://dvr.impactify.io/gazetaexpress.com/loader.json?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3980c1d6492d1e67cb0fd3f4468b4ac416b25a7196b467f4e92ebae75a0a7940

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
2983
content-type
application/json; charset=utf-8
x-amz-request-id
W5YH259M2VSRGXND
x-amz-id-2
NXEIwbFXNy1TfFoJ933RW8TBtyT9Teb7ZOLBx4JOw1wjkzPog3Jzal7EPOaUks9imcmv49AeC/4=
last-modified
Thu, 24 Mar 2022 12:01:03 GMT
server
cloudflare
etag
W/"3716f609dea690688818d38196a31151"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-language
en
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6f19b97a9864020d-ZRH
expires
Fri, 25 Mar 2022 19:01:37 GMT
/
cds.taboola.com/ Frame BE27
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=80ebc69f-45a4-4c74-9a90-96fc74744ada-tuct9379007&uad=d07466b4b8727b34bf8ea309e1b700f7c28f82903654bab6f11d1108cc5f0687
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Mar 2022 18:31:37 GMT
Cache-Control
no-store
Server
nginx
Connection
close
ac
www8.smartadserver.com/ Frame 8E5F
16 B
320 B
Script
General
Full URL
https://www8.smartadserver.com/ac?pgid=894934&insid=7517180&tmstp=2884267163&out=js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
cookie_sync.html
sonic.impactify.media/static/ Frame 5CB4
7 KB
3 KB
Document
General
Full URL
https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
280b57a57e08af36875437fd24f32086a15be46cc6facb69cb6aa695eebc04db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
nginx/1.18.0
date
Fri, 25 Mar 2022 18:31:37 GMT
content-type
text/html; charset=utf-8
accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
last-modified
Thu, 24 Mar 2022 07:54:24 GMT
pragma
no-cache
vary
Accept-Encoding Origin
async_usersync.html
acdn.adnxs.com/dmp/ Frame F04A
Redirect Chain
  • https://ib.adnxs.com/async_usersync_file?gdpr=0
  • https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 25 Mar 2022 18:31:37 GMT
Age
8734
X-Served-By
cache-lga21945-LGA, cache-hhn4031-HHN
X-Cache
HIT, HIT
X-Cache-Hits
2, 150324
X-Timer
S1648233098.560613,VS0,VE0
Vary
Accept-Encoding

Redirect headers

Server
nginx/1.21.3
Date
Fri, 25 Mar 2022 18:31:37 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Location
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
AN-X-Request-Uuid
dc3244c6-4789-48a8-a19d-26fa7816f794
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
handcheck.png
pg.impactify.io/gazetaexpress.com/
95 B
239 B
Image
General
Full URL
https://pg.impactify.io/gazetaexpress.com/handcheck.png?screen=inline&v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 17:41:54 GMT
server
cloudflare
age
2983
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-ray
6f19b97b5d120219-ZRH
expires
Fri, 25 Mar 2022 19:01:37 GMT
h0r58thg
sync-tm.everesttech.net/upi/pid/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0&__user_check__=1&sync_id=ce626536-ac69-11ec-bef7-1e5bf6c20206
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEPQPpQPReZYR4EU_sEhAha0&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=7e89805f-04b7-4e2b-8cfa-c54933b2408f&img=1
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=1782623e-0a89-4b00-ab18-86eb93da59e2&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=30&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=30&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=8459&uid=1113429183277438291&img=1
  • https://dsp.adfarm1.adition.com/cookie/?ssp=14&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7577&uid=7079107252101314712&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
0
177 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1648233098.354275,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-cdg20724-CDG

Redirect headers

Date
Fri, 25 Mar 2022 18:31:38 GMT
Server
nginx
Location
//sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
122
Connection
keep-alive
Content-Length
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTNmYmUwNWE5NWY5NmVhZTkxNmQ4YjI5MWNmYTJhMQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKh5W09xj6txYJlprSxS6f8&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7e89805f-04b7-4e2b-8cfa-c54933b2408f
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEW-07EfBUAADFTc-Gy_A&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/53fbe05a95f96eae916d8b291cfa2a1?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-QAnW7LlE2oNXHS41UqsWdXhT2qv5.E9QRQOyhYt8~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=AXNwAGsA1NxOIO5
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Protocol
HTTP/1.1
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:39 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-3
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1648233098955006-419
Expires
Fri, 25 Mar 2022 18:31:38 GMT
p-dGVNbBUC43xtN.gif
pixel.quantserve.com/pixel/
35 B
373 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-dGVNbBUC43xtN.gif?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ Frame E767
2 KB
984 B
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
fastly-original-body-size
911
age
2069
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1648233097.487448,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
3715
eid.js
cdn.taboola.com/scripts/ Frame E767
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
10270
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4052-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1648233097.487483,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
14677
hls.js@latest
cdn.jsdelivr.net/npm/ Frame C366
315 KB
92 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/hls.js@latest
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
fastly-original-body-size
92748
age
22732
x-jsd-version
1.1.5
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19143-FRA, cache-itm18846-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4eb29-4v2sGw7mpSOmcj8olLhMCR3UuXM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f19b97bcc8923c7-ZRH
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C366
371 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6f1b40f2404a91f75ebd595fe475c8ddcd174fa1ccd85a21bb17999feb6a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126303
x-xss-protection
0
expires
Fri, 25 Mar 2022 18:31:37 GMT
lib.js
ad.impactify.io/static/ad/v5-1.7.3/ Frame C366
37 KB
14 KB
Script
General
Full URL
https://ad.impactify.io/static/ad/v5-1.7.3/lib.js?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df6389112c769e2c4c7b4882b78a8cfaee2fa1d79bc7f033af872e4859e7ae5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3424
x-amz-request-id
DY8SHVD9610P5R2E
x-amz-id-2
QCAiDbCyIT6Fy66MUaYcFkQ4zzgAvc173WiaH9rakIngLkVr0w+ih/FWsPAZ4yOZ8vSN6M5RWPk=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"266110367bf03c2588bb73480532da46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
zU9PA2V_Hl_5T1BzFMCrfV6a5prK0XGp
cf-ray
6f19b97b6d350219-ZRH
expires
Fri, 25 Mar 2022 19:31:37 GMT
adj
ad.360yield.com/ Frame D5BA
2 KB
1 KB
Script
General
Full URL
https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
13f9c8fd1fac57e4ece37d5c54f91284f26bbb3e194a1ad4e285dbbaac082cac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
content-length
988
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
gpt.js
www.googletagservices.com/tag/js/ Frame 6C1B
82 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f764f20f282e807aeccf2d7b42fb4461aeb92a6a0f4ce584ed3499d5f29d0b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28081
x-xss-protection
0
server
sffe
etag
"1169 / 555 of 1000 / last-modified: 1648206597"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Mar 2022 18:31:37 GMT
/
pips.taboola.com/ Frame E767
64 B
99 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ba0ceb2aa6d6c75e40beba91061254f13bd1a3c6b568fc2c02131be8573d3116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6955-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame F269
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFL6052nUsDjzoOPNSHONxs&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFL6052nUsDjzoOPNSHONxs&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFL6052nUsDjzoOPNSHONxs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame F269
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F269
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kdDKvvjLTSuE9prSzchXJQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kdDKvvjLTSuE9prSzchXJQ
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kdDKvvjLTSuE9prSzchXJQ
Protocol
HTTP/1.1
Server
52.95.119.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G7GP610E4PH4TNJKTR50
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kdDKvvjLTSuE9prSzchXJQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F269
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EKOsheVXkuvPvLkFGvJh6g?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3465679576557499217
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3465679576557499217
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Fri, 25 Mar 2022 18:31:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3465679576557499217
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame F269
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame F269
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L16RFEL3-X-7CCU
0
706 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L16RFEL3-X-7CCU
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E0F5DEF95FE44A0F9E6F8CE33A803386 Ref B: FRAEDGE1517 Ref C: 2022-03-25T18:31:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbDyxLJdhg+ZtpcUIzzg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L16RFEL3-X-7CCU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame F269
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L16RFEL3-X-7CCU&sigv=1&esig=2~435109b731cf4bc5642c59d214abe8f9473c89ed
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L16RFEL3-X-7CCU&sigv=1&esig=2~435109b731cf4bc5642c59d214abe8f9473c89ed
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L16RFEL3-X-7CCU&sigv=1&esig=2~435109b731cf4bc5642c59d214abe8f9473c89ed
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F269
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2JmMTQ2MDRhYzM2OThmNjllM2U3NWQxODY2NzIwMTFjNDJmZTEzMg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2JmMTQ2MDRhYzM2OThmNjllM2U3NWQxODY2NzIwMTFjNDJmZTEzMg
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2JmMTQ2MDRhYzM2OThmNjllM2U3NWQxODY2NzIwMTFjNDJmZTEzMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie_sync
sonic.impactify.media/ Frame 5CB4
1 KB
2 KB
XHR
General
Full URL
https://sonic.impactify.media/cookie_sync
Requested by
Host: sonic.impactify.media
URL: https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a28a0728c160ca3d1a22ca3f2db52b18a581260578f008011b5bda4d64894005

Request headers

Referer
https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
server
nginx/1.18.0
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonic.impactify.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1335
expires
0
/
cds.taboola.com/ Frame E767
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007&uad=d07466b4b8727b34bf8ea309e1b700f7c28f82903654bab6f11d1108cc5f0687
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Mar 2022 18:31:37 GMT
Cache-Control
no-store
Server
nginx
Connection
close
setuid
sonic.impactify.media/ Frame 5CB4
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER...
  • https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=05901b2b-3a1b-48e8-991f-56854a868273
0
451 B
Image
General
Full URL
https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=05901b2b-3a1b-48e8-991f-56854a868273
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=05901b2b-3a1b-48e8-991f-56854a868273
date
Fri, 25 Mar 2022 18:31:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
async_usersync
ib.adnxs.com/ Frame F04A
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:37 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3f038634-081b-4235-8392-27fae7f0efc0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ Frame 6C1B
365 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 15:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Mar 2023 15:50:03 GMT
bridge3.507.1_en.html
imasdk.googleapis.com/js/core/ Frame 7845
591 KB
192 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41f242bfa858ddc54ea754401991d33df52036db137b06f96aea0dc687bb3fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196684
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 23 Mar 2022 20:53:44 GMT
expires
Thu, 23 Mar 2023 20:53:44 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Mar 2022 20:48:25 GMT
content-type
text/html
age
164273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame C366
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Mar 2022 18:31:37 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AC3E
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 25 Mar 2022 18:40:12 GMT
pd
u.openx.net/w/1.0/ Frame 3954
43 B
131 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3954
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTE4NzVFRjMtNjk1Qy00MjgwLTg5NjMtODc5NUZCNTg1RDA3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug024:0:311
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3954
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
moatad.js
z.moatads.com/improvedigitaldisplay945272226933/ Frame D5BA
300 KB
102 KB
Script
General
Full URL
https://z.moatads.com/improvedigitaldisplay945272226933/moatad.js
Requested by
Host: ad.360yield.com
URL: https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
965725d3dfb26708991b9b3887778294d27dc09272616d633200ed160d481f6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:04:16 GMT
server
AmazonS3
x-amz-request-id
C600SAA8A0DQ0NV2
etag
"30d97b2744efad2e955814ca6ca95660"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=46518
accept-ranges
bytes
content-length
104019
x-amz-id-2
5VguX6ilwn1zMxeHjwHFZCZsSffq/VrKLsYT96iOU9OtLbCbo6U7qAfRPyBMd9TknozdEkqA9ro=
imp_pixel
euw-ice.360yield.com/ Frame D5BA
43 B
290 B
Image
General
Full URL
https://euw-ice.360yield.com/imp_pixel?ic=H4lsswobNcGxLvWPTzSGWBCKa9CuB0OswrOXHfdmAyRHl-vVPdRmZQRolAuXuwb4y2nbEr2IQtrr0a1rBufhO5qS3oBZZ7uIYut2X0237-KmFKyPMC5OUI8JbDsaNa9gjvvqRG2xlNDN.EFhjSX8mEJJXxVmfoCwd4BzXWwAgl.RCHp2.KlpjsHdevHCBE3svrPoCYEAYTk23zSNojNdfUEX8.SGNnUHX9VItdc9VlG60eRQ1sa8OPnsAwQz9Ik7bDovrtBhYXm0WhrC5octDgv4qyWBYJziLAoqV3DYcdG9gQh95fbrGUbJPj68z0IeoKyfq6ahbo4HyJ-NyccE-dh-cuvnWhg4MJ-3CEncCwTO3QViiBTukDpqwyVNDJlBJCEzIEw2.V3zC8xaKFvZ6invdlPjfukuxeOC3WhYYa0gUxbbbf34ipPw1DxsyK-MS1hkCc-FHmOma5MydIIlDg-aEDF7kYXT8xgYSvLNNP7Pdg==
Requested by
Host: ad.360yield.com
URL: https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Mar 2022 18:31:37 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1x1.jpg
creative.360yield.com/file/852/ Frame D5BA
631 B
930 B
Image
General
Full URL
https://creative.360yield.com/file/852/1x1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/DYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6600:1:7eae:e800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:14:59 GMT
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified
Tue, 03 May 2011 14:24:12
server
Apache
age
324999
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
content-length
631
x-amz-cf-id
6l-6qeuDpEaqqS8QThyQkhxIdDRX7lR-bSvG2L_hgSLU1Wz3J5ivRA==
pd
u.openx.net/w/1.0/ Frame F4A3
43 B
120 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame F4A3
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Fri, 25 Mar 2022 18:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame F4A3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzMwMzgwNTEtODk5MC00OUI4LTlDRUQtRDhFMDQ3OUIxMkZF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getfile.webm
cdn.impactify.media/medias/ Frame C366
4 KB
5 KB
Media
General
Full URL
https://cdn.impactify.media/medias/getfile.webm?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/lib.js?v=5r88
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.88.7 , France, ASN16276 (OVH, FR),
Reverse DNS
cdn-eu-de-01.impactify.media
Software
nginx/1.18.0 /
Resource Hash
a517a5cad068fcbbb3e85ce19b890ba1917954d6c507596f05e6ef2e2c34cad0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
last-modified
Wed, 01 Dec 2021 15:05:30 GMT
server
nginx/1.18.0
access-control-allow-origin
*
etag
"61a78f3a-110f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/webm
Content-Range
bytes 0-4366/4367
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
4367
cds-pips.js
cdn.taboola.com/scripts/ Frame 0ED4
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
fastly-original-body-size
911
age
2069
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1648233098.753240,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
3716
ifs.js
cdn.taboola.com/scripts/ Frame 0ED4
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/ifs.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cc944ab48bfe65fba34b72bca00df781e01d86cc03d7b198cdb05749c6f6979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
aYLDhgvwwa472gRnvlfvR1v6pGE8dkzl
content-encoding
gzip
etag
"1e19fe66122d95feff923323e304da54"
fastly-original-body-size
822
age
6875
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
822
x-amz-id-2
soY4L5Dp/qORIW5s+WNBkJAd1adtHPDfhuHJf/U1vMXFTnyGGd2Qxsg9iFpmYSdSoO6476NX6rY=
x-served-by
cache-hhn4052-HHN
last-modified
Mon, 24 Jan 2022 13:29:17 GMT
server
AmazonS3
x-timer
S1648233098.753326,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
BCZP0PJ7XZFQQGMR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
780
eid.js
cdn.taboola.com/scripts/ Frame 0ED4
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
10270
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4052-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1648233098.753689,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
14678
integrator.js
adservice.google.de/adsid/ Frame 6C1B
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6C1B
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6C1B
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=76730778099852&correlator=2832869940338759&eid=31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&npa=1&iu_parts=1030700%2Cimpactify_cr&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2691405420&sfv=1-0-38&ecs=20220325&ists=1&fsapi=false&cust_params=Domain%3Dgazetaexpress.com&sc=1&cookie=ID%3D28583491d24447f3-22ccdbba64cd00dd%3AT%3D1648233093%3ART%3D1648233093%3AS%3DALNI_MYps6Wv0jotgYAf4K-6-pGxKz2A5A&cdm=www.gazetaexpress.com&abxe=1&dt=1648233097766&lmt=1648233097&dlt=1648233097479&idt=274&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=tug3dc3m8bjl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=259260600.1648233094&ga_sid=1648233098&ga_hid=1388727572&ga_fc=true&btvi=-1&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAYkNDkkvwvRQAAAAA.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c6ac424d5afe6ec8e33a0be5adc8cc7e11e363ed8458a5797f8b3167c6e5a941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2231
x-xss-protection
0
google-lineitem-id
92106010
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
83124966010
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6C1B
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4e5e561e48daaeb2b0b8e09dfba886c4ed9ee54cc97fe35b8fe5719b5d20f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10620
x-xss-protection
0
container.html
2b3b275d3ab3304dd979da47e509665e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 14AB
0
0
Document
General
Full URL
https://2b3b275d3ab3304dd979da47e509665e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 25 Mar 2022 18:31:37 GMT
expires
Sat, 25 Mar 2023 18:31:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cds-pips.js
cdn.taboola.com/scripts/ Frame 574E
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
fastly-original-body-size
911
age
2070
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1648233098.832865,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
3717
ifs.js
cdn.taboola.com/scripts/ Frame 574E
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/ifs.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cc944ab48bfe65fba34b72bca00df781e01d86cc03d7b198cdb05749c6f6979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
aYLDhgvwwa472gRnvlfvR1v6pGE8dkzl
content-encoding
gzip
etag
"1e19fe66122d95feff923323e304da54"
fastly-original-body-size
822
age
6875
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
822
x-amz-id-2
soY4L5Dp/qORIW5s+WNBkJAd1adtHPDfhuHJf/U1vMXFTnyGGd2Qxsg9iFpmYSdSoO6476NX6rY=
x-served-by
cache-hhn4052-HHN
last-modified
Mon, 24 Jan 2022 13:29:17 GMT
server
AmazonS3
x-timer
S1648233098.832941,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
BCZP0PJ7XZFQQGMR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
781
eid.js
cdn.taboola.com/scripts/ Frame 574E
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
10270
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4052-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1648233098.833013,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
14679
cds-pips.js
cdn.taboola.com/scripts/ Frame 4580
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
fastly-original-body-size
911
age
2070
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4052-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1648233098.877326,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
3718
ifs.js
cdn.taboola.com/scripts/ Frame 4580
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/ifs.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cc944ab48bfe65fba34b72bca00df781e01d86cc03d7b198cdb05749c6f6979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
aYLDhgvwwa472gRnvlfvR1v6pGE8dkzl
content-encoding
gzip
etag
"1e19fe66122d95feff923323e304da54"
fastly-original-body-size
822
age
6875
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
822
x-amz-id-2
soY4L5Dp/qORIW5s+WNBkJAd1adtHPDfhuHJf/U1vMXFTnyGGd2Qxsg9iFpmYSdSoO6476NX6rY=
x-served-by
cache-hhn4052-HHN
last-modified
Mon, 24 Jan 2022 13:29:17 GMT
server
AmazonS3
x-timer
S1648233098.877426,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
BCZP0PJ7XZFQQGMR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
782
eid.js
cdn.taboola.com/scripts/ Frame 4580
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220324-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
10270
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4052-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1648233098.877633,VS0,VE0
date
Fri, 25 Mar 2022 18:31:37 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
14680
setuid
sonic.impactify.media/ Frame 5CB4
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_con...
  • https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=1793271733984630734
0
551 B
Image
General
Full URL
https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=1793271733984630734
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=1793271733984630734
date
Fri, 25 Mar 2022 18:31:37 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6C1B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Mar 2022 18:31:38 GMT
/
pips.taboola.com/ Frame 0ED4
64 B
99 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ba0ceb2aa6d6c75e40beba91061254f13bd1a3c6b568fc2c02131be8573d3116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6955-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B783
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/ Frame B783
0
219 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
u.openx.net/w/1.0/ Frame B783
43 B
75 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 46CD
0
43 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 46CD
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 46CD
43 B
75 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 12E9
43 B
75 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 12E9
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 12E9
0
43 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
pips.taboola.com/ Frame 574E
64 B
99 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ba0ceb2aa6d6c75e40beba91061254f13bd1a3c6b568fc2c02131be8573d3116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:37 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6955-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=IMPROVEDIGITALDISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=2&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1648233097910&de=510097668546&m=0&ar=9f397fe3151-clean&iw=843ada5&q=2&cb=0&ym=0&cu=1648233097910&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=165017%3A106800%3A286996%3A440522&zMoatSZ=1x1&zMoatReferrer=gazetaexpress.com&zMoatBundle=-&zMoatRTBADV=-&zMoatRTBCR=-&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&id=1&ii=4&bo=195514&bd=1134661&zMoatOrigSlicer1=195514&zMoatOrigSlicer2=1134661&zMoatDomain=gazetaexpress.com&zMoatSubdomain=gazetaexpress.com&gw=improvedigitaldisplay945272226933&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A489%3A524%3A1931%3A802&fs=197724&na=1827872220&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 25 Mar 2022 18:31:38 GMT
/
tsdtocl.com/ Frame EDEF
786 B
1 KB
Document
General
Full URL
https://tsdtocl.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

x-amz-id-2
Z1Z50lLeI62fXkwEUhHbKEZOgFxcOXMxS3iCI/4YlJfc/GE2gF+MJIgWb+F1ETjvGgcy98VPNOc=
x-amz-request-id
S6ZK66CZS5DHWATQ
x-amz-replication-status
COMPLETED
last-modified
Wed, 05 Jan 2022 19:36:57 GMT
etag
"fb5a4594b9ffef704d61bb6e6f80f145"
x-amz-version-id
Qk4nobcRRphLiqVWi0NeSs0dand8kap0
content-type
text/html
server
AmazonS3
accept-ranges
bytes
date
Fri, 25 Mar 2022 18:31:38 GMT
via
1.1 varnish
age
3121
x-served-by
cache-hhn4055-HHN
x-cache
HIT
x-cache-hits
3088
x-timer
S1648233098.066184,VS0,VE0
content-length
786
/
cds.taboola.com/ Frame 0ED4
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007&uad=d07466b4b8727b34bf8ea309e1b700f7c28f82903654bab6f11d1108cc5f0687
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Mar 2022 18:31:38 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame 574E
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007&uad=d07466b4b8727b34bf8ea309e1b700f7c28f82903654bab6f11d1108cc5f0687
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Mar 2022 18:31:38 GMT
Cache-Control
no-store
Server
nginx
Connection
close
pd
u.openx.net/w/1.0/ Frame 593B
43 B
75 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 593B
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubmatic
um.simpli.fi/ Frame 593B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHchjkEsPCa_fqpxXtGd-zk&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 24 Mar 2022 18:31:38 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Fri, 25 Mar 2022 18:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
/
tsdtocl.com/ Frame 3710
786 B
848 B
Document
General
Full URL
https://tsdtocl.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

x-amz-id-2
Z1Z50lLeI62fXkwEUhHbKEZOgFxcOXMxS3iCI/4YlJfc/GE2gF+MJIgWb+F1ETjvGgcy98VPNOc=
x-amz-request-id
S6ZK66CZS5DHWATQ
x-amz-replication-status
COMPLETED
last-modified
Wed, 05 Jan 2022 19:36:57 GMT
etag
"fb5a4594b9ffef704d61bb6e6f80f145"
x-amz-version-id
Qk4nobcRRphLiqVWi0NeSs0dand8kap0
content-type
text/html
server
AmazonS3
accept-ranges
bytes
date
Fri, 25 Mar 2022 18:31:38 GMT
via
1.1 varnish
age
3121
x-served-by
cache-hhn4055-HHN
x-cache
HIT
x-cache-hits
3088
x-timer
S1648233098.066229,VS0,VE0
content-length
786
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
pips.taboola.com/ Frame 4580
64 B
122 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ba0ceb2aa6d6c75e40beba91061254f13bd1a3c6b568fc2c02131be8573d3116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6955-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
pubmatic
um.simpli.fi/ Frame CC05
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHchjkEsPCa_fqpxXtGd-zk&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 24 Mar 2022 18:31:38 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Fri, 25 Mar 2022 18:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
pd
u.openx.net/w/1.0/ Frame CC05
43 B
75 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC05
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI2NjYyNjQ0MDA4MDA1MTkxMTI0MQ%3D%3D
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
tsdtocl.com/ Frame B2F8
786 B
854 B
Document
General
Full URL
https://tsdtocl.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

x-amz-id-2
Z1Z50lLeI62fXkwEUhHbKEZOgFxcOXMxS3iCI/4YlJfc/GE2gF+MJIgWb+F1ETjvGgcy98VPNOc=
x-amz-request-id
S6ZK66CZS5DHWATQ
x-amz-replication-status
COMPLETED
last-modified
Wed, 05 Jan 2022 19:36:57 GMT
etag
"fb5a4594b9ffef704d61bb6e6f80f145"
x-amz-version-id
Qk4nobcRRphLiqVWi0NeSs0dand8kap0
content-type
text/html
server
AmazonS3
accept-ranges
bytes
date
Fri, 25 Mar 2022 18:31:38 GMT
via
1.1 varnish
age
3121
x-served-by
cache-hhn4055-HHN
x-cache
HIT
x-cache-hits
3089
x-timer
S1648233098.066303,VS0,VE0
content-length
786
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fcore%2Fbridge3.507.1_en.html%23goog_1328369168&i=IMPROVEDIGITALDISPLAY1&ol=3525919755&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBA63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-QVZ3bHpQg2TbHQ%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&id=1&ii=4&f=0&j=&t=1648233097910&de=510097668546&cu=1648233097910&m=79&ar=9f397fe3151-clean&iw=843ada5&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4918&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A489%3A524%3A1931%3A802&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=58&cd=0&ah=58&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=165017%3A106800%3A286996%3A440522&bo=195514&bd=1134661&gw=improvedigitaldisplay945272226933&zMoatOrigSlicer1=195514&zMoatOrigSlicer2=1134661&zMoatDomain=gazetaexpress.com&zMoatSubdomain=gazetaexpress.com&zMoatSZ=1x1&zMoatReferrer=gazetaexpress.com&zMoatBundle=-&zMoatRTBADV=-&zMoatRTBCR=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=242239639&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 25 Mar 2022 18:31:38 GMT
setuid
sonic.impactify.media/ Frame 5CB4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58539/occ?gdpr=0&gdpr_consent=&redir=true
  • https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-dF86DDBE2uFnrrYSKNdS2AAzpnN1hFtie9zlHIE-~A&gdpr=0&gdpr_consent=
0
662 B
Image
General
Full URL
https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-dF86DDBE2uFnrrYSKNdS2AAzpnN1hFtie9zlHIE-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-dF86DDBE2uFnrrYSKNdS2AAzpnN1hFtie9zlHIE-~A&gdpr=0&gdpr_consent=
date
Fri, 25 Mar 2022 18:31:38 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
cds.taboola.com/ Frame 4580
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007&uad=d07466b4b8727b34bf8ea309e1b700f7c28f82903654bab6f11d1108cc5f0687
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Mar 2022 18:31:38 GMT
Cache-Control
no-store
Server
nginx
Connection
close
ptv
secure.adnxs.com/ Frame 7845
85 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/ptv?id=24569975&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5bb27df0-4a13-4f40-9e77-2e1ecf529d49
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sonic.impactify.media/ Frame 5CB4
Redirect Chain
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPcebb5623-ac69-11ec-83d6-02d708afeb30
  • https://sonic.impactify.media/setuid?bidder=verizon&uid=y-RTlOxwNE2uJ5q6ty1PXZ_HcbUYFnFH5e~A~UPcebb5623-ac69-11ec-83d6-02d708afeb30
0
817 B
Image
General
Full URL
https://sonic.impactify.media/setuid?bidder=verizon&uid=y-RTlOxwNE2uJ5q6ty1PXZ_HcbUYFnFH5e~A~UPcebb5623-ac69-11ec-83d6-02d708afeb30
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=verizon&uid=y-RTlOxwNE2uJ5q6ty1PXZ_HcbUYFnFH5e~A~UPcebb5623-ac69-11ec-83d6-02d708afeb30
date
Fri, 25 Mar 2022 18:31:38 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync.php
pixel.rubiconproject.com/exchange/ Frame 5CB4
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-impactify&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
setuid
sonic.impactify.media/ Frame 5CB4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3252996639412742765
0
905 B
Image
General
Full URL
https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3252996639412742765
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0780dfe9-4339-47ef-be30-2d6a86fe8de0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3252996639412742765
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame 7845
27 B
245 B
XHR
General
Full URL
https://ice.360yield.com/advast?p=22734519&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 25 Mar 2022 18:31:38 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ac
www8.smartadserver.com/ Frame 7845
129 B
1 KB
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553659&fmtid=61987&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1648233098&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame 7845
85 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/ptv?id=24569976&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
805bd498-6c33-465b-b9a6-81fc179fb387
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame 7845
27 B
245 B
XHR
General
Full URL
https://ice.360yield.com/advast?p=22734521&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 25 Mar 2022 18:31:38 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ac
www8.smartadserver.com/ Frame 7845
129 B
761 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553661&fmtid=67294&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1648233098&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:37 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame 7845
85 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/ptv?id=24569975&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b845e397-f228-4ba9-80dd-696b09462dfd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
advast
ice.360yield.com/ Frame 7845
27 B
245 B
XHR
General
Full URL
https://ice.360yield.com/advast?p=22734519&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 25 Mar 2022 18:31:38 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ac
www8.smartadserver.com/ Frame 7845
129 B
756 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553659&fmtid=61987&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1648233099&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame F04A
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ef650321-b1d9-4151-8c21-1600a0d6acf2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2982
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Mar 2022 17:41:57 GMT
expires
Sat, 25 Mar 2023 17:41:57 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3683
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ddca3c3103e61750def1ae7ad1a240399cad630f45fc6a66dbee1efc1011b2aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9My6bGAex7fFZqBkmYPUQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 25 Mar 2022 18:31:38 GMT
date
Fri, 25 Mar 2022 18:31:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9My6bGAex7fFZqBkmYPUQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ptv
secure.adnxs.com/ Frame 7845
85 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/ptv?id=24569976&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:38 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
48996571-3ee3-4bc3-8220-c91311cba8c2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame 7845
27 B
245 B
XHR
General
Full URL
https://ice.360yield.com/advast?p=22734521&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 25 Mar 2022 18:31:38 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
pagead2.googlesyndication.com/bg/ Frame 2982
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 15:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
9114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13735
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Mar 2023 15:59:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3683
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=76730778099852&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ac
www8.smartadserver.com/ Frame 7845
129 B
756 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553661&fmtid=67294&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1648233099&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 2982
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8JUYhQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame 7845
85 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/ptv?id=24569975&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:39 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
eeefa16a-2325-452c-b1dd-f630466183c9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
advast
ice.360yield.com/ Frame 7845
27 B
245 B
XHR
General
Full URL
https://ice.360yield.com/advast?p=22734519&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 25 Mar 2022 18:31:39 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ac
www8.smartadserver.com/ Frame 7845
129 B
756 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553659&fmtid=61987&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1648233099&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:39 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 6C1B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=76730778099852&bg=!ra6lrurNAAbzJazn0yU7ACkAdvg8WnrDtdaP-w6qOnKh0whLA_8BDMJ7FpcFCVwBv_9RKaZBALnqUAIAAABsUgAAAAJoAQcKAG15LDGoXRXwaG9l01OOaEUU2qDiG-rqpFqkfVKmuWmgwVmhpQO_b4_OLW-pTYlDQbOZwFuHewRVek8Jvvwp9duBBOv1xnaCmcbkycCkurXutwQH8I4UexRMJnxviU4giC0lP_ptTV_yyfcr3guhmQLd-QH17bTzB2gRddcbT9CXUCibHNUck2le5jtsjR3w8BOyBA88Ac726TTM6Afji--WMGcITkoosbFH76siJ_oLVYjEd7tzKRMDXnhPHRH6twiFqLwINi01-hnaoYZqWXve07iqxMTRHP0PfRFxabAXmPyphs5rfZfBy59XqwerGBv9j-QUyiitCJcjEhEI-fk99GZFYu7VKjidQOhwy77FbsuOdH3ucIjr8wmxLw1Qgc1pK1z2s5gsHbp2ZiHz1UMiLY_9DTJFnjG_HUeLagnPTAfk22DnRGdG_GGzu8waGkKnv4Hauy34rRpM81ltut-1GXXkTQPWEiATMS7POCn18LUp1Q94Ny1w8DLTJv4HnoyjX47ULEMc5fq8bDbjoOjNtw9JUEe3GLQXoVzL-ltmxVgt1xOHxPCKl8spgBH_D06MdSMuy1noDW-SL_jweiJOwmFqGeQTKyCijU5yGnyuruBWzRv-G0DpJ_Pl3dwcTBlHPXQ4H7XTU1tX854T-Gk5MewHJpR8A-k-dXa5hyDCPPFe5G4Bscf1O3_v9pXETyFO0WgqFLfZCQ2M1liAKGaNC9PEmsFd3mNs9VL1RLvW8Y6tqOfNPgrp6e_Bv3g6gUcXegNWrbemP0hsFLSdlS85X4yLow172nQtwqCmb8YD_A6hu5SyduP30WpBhCxpP7l4hzuBR6FCv8TlenWJExDfXISVtvrnmX7ErPP0FQ9TsdznD5oRRWYTRPbYBHgLjbw8OWXT3zxrg4t6SCp6K1NJ05onztDGBJZ1UeYR9ecL1RbeAirShhx42j1q1yDXAzUvOCTgbQkFecKc2reFyNXaAEKDwtOHnAAVzsmeasF1Z8amrfnAtaIZchvsHYqr3EHqXsDAch7AYnlgxm5Pa_k4U2_WHpcxzWODJ-4IBOSb8RGT5GMH-rPqQ2pXs_SurnxLRSECUXjXe-0P4hwtVedw8glBXcgkrb1kP0WflQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame 7845
85 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/ptv?id=24569976&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Mar 2022 18:31:39 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4cbd1920-8e47-451c-9d0a-fa7a22b5da75
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame 7845
27 B
245 B
XHR
General
Full URL
https://ice.360yield.com/advast?p=22734521&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.45.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-45-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 25 Mar 2022 18:31:39 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ac
www8.smartadserver.com/ Frame 7845
129 B
756 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553661&fmtid=67294&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1648233099&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:38 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame C366
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Mar 2022 18:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ima3.js
imasdk.googleapis.com/js/sdkloader/
0
123 KB
Other
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 18:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126303
x-xss-protection
0
expires
Fri, 25 Mar 2022 18:31:39 GMT
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=13856&t=1648233096&cip=193.27.14.43&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=416&he=234&app=&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&test=&aafaid=&proto=https&uid=1648233096591-973059860284-006493-003-001690&cha=0.05&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&d36=6.2.12&cb=33108167798&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=cd40afff-ac69-11ec-8470-e43d1a2a96ea&cd6=11&d9=1000&d37=realtime&AV_WIDTH=416&AV_HEIGHT=234
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.33.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-33-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Mar 2022 18:31:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=21&q=0&yco=0&yt=0&xco=0&xt=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=IMPROVEDIGITALDISPLAY1&ol=3525919755&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBA63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-QVZ3bHpQg2TbHQ%3D%3D&sc=1&os=1-0w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&id=1&ii=4&f=0&j=&t=1648233097910&de=510097668546&cu=1648233097910&m=3543&ar=9f397fe3151-clean&iw=843ada5&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4899&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A489%3A524%3A1931%3A802&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=1&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3420&cd=58&ah=3420&am=58&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=165017%3A106800%3A286996%3A440522&bo=195514&bd=1134661&gw=improvedigitaldisplay945272226933&zMoatOrigSlicer1=195514&zMoatOrigSlicer2=1134661&zMoatDomain=gazetaexpress.com&zMoatSubdomain=gazetaexpress.com&zMoatSZ=1x1&zMoatReferrer=gazetaexpress.com&zMoatBundle=-&zMoatRTBADV=-&zMoatRTBCR=-&hv=find%20iframe%20parent&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1731424493&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Mar 2022 18:31:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 25 Mar 2022 18:31:41 GMT

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 function| structuredClone object| oncontextlost object| oncontextrestored object| CloudflareApps string| GoogleAnalyticsObject function| ga object| _atrk_opts function| fbq function| _fbq object| _taboola object| teadsscript object| gjdmpInitializer object| gjdmp object| bisko object| googletag object| _wpemojiSettings undefined| $ function| jQuery function| previous function| next function| go_to_page function| previous_secondpag function| next_secondpag function| go_to_page_secondpag function| previous_search function| next_search function| go_to_page_search function| atrk boolean| _atrk_fired object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| teads object| TRC object| _tblConsole undefined| msg object| wp object| __CF$cv$params number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| reqCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| adUnits object| pbjs function| initAdserver function| pbjsChunk object| _pbjsGlobals object| Criteo object| jQuery1124010666548732819892 number| windowWidth number| windowHeight string| google_user_agent_client_hint object| TWAGORAINARTICLE object| _mgIntExchangeNews object| MarketGidInfC1002277 function| MarketGidCContextBlock1002277 function| MarketGidCMainBlock1002277 function| MarketGidCInternalExchangeBlock1002277 function| MarketGidCRejectBlock1002277 function| MarketGidCInternalExchangeLoggerBlock1002277 function| MarketGidCObserverBlock1002277 function| MarketGidCSendDimensionsBlock1002277 function| MarketGidCRtbBlock1002277 function| MarketGidCContentPreviewBlock1002277 function| MarketGidCResponsiveBlock1002277 boolean| mg_loaded_634059_1002277 object| MarketGidInfC1190148 function| MarketGidCContextBlock1190148 function| MarketGidCMainBlock1190148 function| MarketGidCInternalExchangeBlock1190148 function| MarketGidCRejectBlock1190148 function| MarketGidCInternalExchangeLoggerBlock1190148 function| MarketGidCObserverBlock1190148 function| MarketGidCSendDimensionsBlock1190148 function| MarketGidCRtbBlock1190148 function| MarketGidCContentPreviewBlock1190148 function| MarketGidCResponsiveBlock1190148 boolean| mg_loaded_634059_1190148 object| twemoji function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| txt function| postscribe function| iFrameResize object| ProjectAgora number| max_priority object| ADAGIO object| _ADAGIO object| GoogleGcLKhOms number| taboola_view_id object| onClickExcludes function| mgReject1002277 function| mgLoadAds1002277_0e80a function| MarketGidCReject1002277 function| MarketGidLoadGoods1002277_0e80a function| mgReject1214277 function| mgLoadAds1214277_0e80a function| MarketGidCReject1214277 function| MarketGidLoadGoods1214277_0e80a object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint634059 string| _mgPvid function| mgReject1190148 function| mgLoadAds1190148_12016 function| MarketGidCReject1190148 function| MarketGidLoadGoods1190148_12016 boolean| MarketGidCSvsdsFlag boolean| _mgPageView634059 boolean| i.js.loaded boolean| i-noref.js.loaded function| _mgLib1_11_87 function| _mgwqp object| google_image_requests object| aniplayerPos function| avPlayer object| storageAni object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| _impactify_ object| _impactify_tags function| Ua object| $b function| ac number| Kc function| Jc function| Lc function| Mc function| Hd function| Id function| Jd undefined| impx_jQuery object| impx_jstz object| impxCom object| _impx_pconfig object| impactifyContentApi function| _imp_d6lG6t_rmd_func object| closure_lm_188627 object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 function| arrive function| unbindArrive function| leave function| unbindLeave

90 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQstXkkvwvCgoI5gEQq9bkkvwvCgoIhwIQ0NbkkvwvCgkIOhDp1OSS_C8=
www.gazetaexpress.com/ Name: uid
Value: M9JdEmI+CoUOMLbDAwt3Ag==
.mgid.com/ Name: __cf_bm
Value: _lVEVrEj3IfJPwD5UCez6B.r9HL.NXFCGCJaXLPEvfQ-1648233093-0-Ad2maOSacp5uFRG62mQ05EpKEHKYTkcfLa58+cAYwfhyyGiLQOLytKy8XKXsQoNp8thTY9VtFGV2TtFRVtCLDaU=
ads.gazetaexpress.com/ Name: OAGEO
Value: 2%7CDE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.gazetaexpress.com/ Name: __asc
Value: 23259ab017fc25919779fc6e41d
.gazetaexpress.com/ Name: __auc
Value: 23259ab017fc25919779fc6e41d
.gazetaexpress.com/ Name: _ga
Value: GA1.2.259260600.1648233094
.gazetaexpress.com/ Name: _gid
Value: GA1.2.499153274.1648233094
.gazetaexpress.com/ Name: _gat
Value: 1
.rubiconproject.com/ Name: khaos
Value: L16RFEL3-X-7CCU
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1TpaH7vr3V2f+oE/PhLWQEKtLvkckcz9t2XwTgci4QkqTc8DkmOFYKvLUsNrZ4DIT14byNT5gC/HKY++jymV4/2jL6aH0a0w4AUxyL4HCmbg==
ads.gazetaexpress.com/ Name: OAID
Value: 01000111010001000101000001010010
.gazetaexpress.com/ Name: _fbp
Value: fb.1.1648233093912.990862561
.adnxs.com/ Name: uuid2
Value: 3252996639412742765
.facebook.com/ Name: fr
Value: 0fUjIaDTuqlTtCdAd..BiPgqF...1.0.BiPgqF.
.serv431.com/ Name: UUID
Value: 8a2bfd33-2696-5861-aa81-f25a1d157ec8
.gazetaexpress.com/ Name: __cf_bm
Value: WkwGw7Q4R8_lEGLiEK7wJkHx3ZBdokQ9bOkLdSj8XUg-1648233094-0-AS6YhDFbmwNswZkXhRb35jlKRcfsd2Hm9w4xwc7m7pM8cfMmZjz1VKhKyX22B142QYz7TjnEnX8Nat16QNBTkKrx3TpEEDVeN9ogppqr/UfEw8ZsvIvTIQixRJDyjOzTjg==
.gjirafa.com/ Name: __gjci
Value: 7ad0713396de4d3e8f4555a658262092
.gjirafa.com/ Name: __gjbi
Value: cddfdb469ba9493287ee1c868662279c
bisko.gjirafa.com/ Name: __session
Value: fe95809fe70345708bda1b0d37c1498d
.serv431.com/ Name: ucv
Value: 573-DE-1648319494456-24--1460-DE-1648319494588-24--
www.gazetaexpress.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D4baa3e0f-da8b-4609-9716-1ae1834f2e4e-tuct9379007
.mgid.com/ Name: muidn
Value: m2pzk6hUkxvb
www.gazetaexpress.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1002277%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648233095741%7D%2C%22C1190148%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648233095704%7D%2C%22C1000638%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648233095924%7D%7D
.aniview.com/ Name: aniC
Value: 1648233096591-973059860284-006493-003-001690
.criteo.com/ Name: uid
Value: 729ae9d5-ce4a-4931-9cf4-02ac7bdc72dc
ads.stickyadstv.com/ Name: UID
Value: 53fbe05a95f96eae916d8b291cfa2a1
ads.stickyadstv.com/ Name: sessionId
Value: 5a147d431e663f51169c175d473b7d7
.adsrvr.org/ Name: TDID
Value: 7e89805f-04b7-4e2b-8cfa-c54933b2408f
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003%22%7D
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003%22%7D
.aniview.com/ Name: 2_C_56
Value: 246b90a4-6770-45ab-8d47-deb35fcdc403
sync.aniview.com/ Name: 2_C_56
Value: 246b90a4-6770-45ab-8d47-deb35fcdc403
.aniview.com/ Name: 2_C_200
Value: RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
sync.aniview.com/ Name: 2_C_200
Value: RX-3e1a45fc-7aa2-4430-878a-3cf7548d5430-003
.gazetaexpress.com/ Name: cto_bundle
Value: 5rAd919pcEV3TFJtUXY5TGlzclFuRHJHVSUyQjRQSlNNYjA2ZWh2clVJZTRpZVJySnBwWWdENm8lMkZBSld4SGVCS1Jyakl1aUFIbFRGRWglMkIzSFR1bng5cTM3T3NwM29HRUJ3WVhmUW9JTkl6bDFCUTdXSXdDc0R5NyUyQnEwMWROSzk1dCUyQk9oSnglMkJNMUFKbUdoZHdlY3dZVGxXdEpzYlElM0QlM0Q
.fwmrm.net/ Name: _uid
Value: "l1cbf_7079107247800128289"
ads.stickyadstv.com/ Name: pxId
Value: 2738
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l1cbf_7079107247800128289
ads.stickyadstv.com/ Name: MRM_UID
Value: l1cbf_7079107247800128289
.doubleclick.net/ Name: IDE
Value: AHWqTUmVPvL4PRYYBnWutyTl51kJPwj4Q88FGb6FnEFHxOfLLG-9bipIKdKFXU5V5p4
.quantserve.com/ Name: mc
Value: 623e0a89-7b6f3-b7af0-87717
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEKh5W09xj6txYJlprSxS6f8
.spotxchange.com/ Name: audience
Value: ce6264fd-ac69-11ec-bef7-1e5bf6c20206
.360yield.com/ Name: tuuid_lu
Value: 1648233097
ads.stickyadstv.com/ Name: uid-bp-892
Value: 7e89805f-04b7-4e2b-8cfa-c54933b2408f
.360yield.com/ Name: tuuid
Value: 05901b2b-3a1b-48e8-991f-56854a868273
.yahoo.com/ Name: A3
Value: d=AQABBIkKPmICEHfVp2qcJMpvA_9PWSDwSbAFEgEBAQFcP2JHYgAAAAAA_eMAAA&S=AQAAAhEBPGwepk50QBFCJGmEhZQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0e2a547f-145a-41d3-82ec-ca52cd074d5d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDgyMzMwOTc7MjswMjFnR031IkoG1pIoCwrv9aYP5O87XT02uiAW5WBp+FYMQA==
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2336:u=1:x=1:i=1648233097:t=1648319497:v=2:sig=AQHuOfsKVfG4g19fgH_xxAsFjw4JnsG0"
.3lift.com/ Name: tluid
Value: 1266626440080051911241
.360yield.com/ Name: fh
Value: !1042_286996,1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
sonic.impactify.media/ Name: SSCookie
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 11875EF3-695C-4280-8963-8795FB585D07
.gazetaexpress.com/ Name: __gads
Value: ID=28583491d24447f3:T=1648233093:S=ALNI_MZDfMbmcqIk46Znp593TLXDUUPCGA
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjircfdjabHOhAFOAFaBXNwb3R4YAI.
.amazon-adsystem.com/ Name: ad-id
Value: A2WXk7rLnEGQqnTLXzj7uec
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: pi
Value: 156400:3
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAEW-07EfBUAADFTc-Gy_A
.smartadserver.com/ Name: pid
Value: 1793271733984630734
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAEW-07EfBUAADFTc-Gy_A
.mathtag.com/ Name: uuid
Value: 1782623e-0a89-4b00-ab18-86eb93da59e2
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHchjkEsPCa_fqpxXtGd-zk&KRTB&16514-CAESEHchjkEsPCa_fqpxXtGd-zk&KRTB&23025-CAESEHchjkEsPCa_fqpxXtGd-zk
.pubmatic.com/ Name: PugT
Value: 1648233098
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-QAnW7LlE2oNXHS41UqsWdXhT2qv5.E9QRQOyhYt8~A
.pubmatic.com/ Name: SyncRTB3
Value: 1649376000%3A220_21_13
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.advertising.com/ Name: APID
Value: UPcebb5623-ac69-11ec-83d6-02d708afeb30
.adform.net/ Name: C
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "1963~23yi:1953~23yi"
.adform.net/ Name: uid
Value: 1113429183277438291
.simpli.fi/ Name: suid
Value: BC1F7E231714433BAB56C20315B0EB9E
sonic.impactify.media/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIzMjUyOTk2NjM5NDEyNzQyNzY1IiwiZXhwaXJlcyI6IjIwMjItMDQtMDhUMTg6MzE6MzguMjQ2Mjg3NDQ0WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIwNTkwMWIyYi0zYTFiLTQ4ZTgtOTkxZi01Njg1NGE4NjgyNzMiLCJleHBpcmVzIjoiMjAyMi0wNC0wOFQxODozMTozNy43ODI1NzYwNjhaIn0sInNtYXJ0YWRzZXJ2ZXIiOnsidWlkIjoiMTc5MzI3MTczMzk4NDYzMDczNCIsImV4cGlyZXMiOiIyMDIyLTA0LTA4VDE4OjMxOjM4LjAzMDEzNzQxNloifSwidmVyaXpvbiI6eyJ1aWQiOiJ5LVJUbE94d05FMnVKNXE2dHkxUFhaX0hjYlVZRm5GSDVlfkF-VVBjZWJiNTYyMy1hYzY5LTExZWMtODNkNi0wMmQ3MDhhZmViMzAiLCJleHBpcmVzIjoiMjAyMi0wNC0wOFQxODozMTozOC4xOTE4MTMxNDZaIn0sInlhaG9vIjp7InVpZCI6InktZEY4NkREQkUydUZucnJZU0tOZFMyQUF6cG5OMWhGdGllOXpsSElFLX5BIiwiZXhwaXJlcyI6IjIwMjItMDQtMDhUMTg6MzE6MzguMDk3NTE4NjE2WiJ9fSwiYmRheSI6IjIwMjItMDMtMjVUMTg6MzE6MzcuNzgyNTYyOTY2WiJ9
.smartadserver.com/ Name: vs
Value: 497028=4853911
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60314%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=-1467671069&lo=-1276914095&lt=637838298982512624&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60314%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.adfarm1.adition.com/ Name: UserID1
Value: 7079107252101314712
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjE3NjcwMyIsInNwIjo2LCJpIjp0cnVlLCJscCI6NjQwOSwiZ2NzIjoiIiwicGwiOls2NDY1XSwic2lkIjoiY2U2MjY1MzYtYWM2OS0xMWVjLWJlZjctMWU1YmY2YzIwMjA2Iiwic29sIjo3LCJzbCI6MX0=
.w55c.net/ Name: wfivefivec
Value: AXNwAGsA1NxOIO5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: AXNwAGsA1NxOIO5
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C$KjZH..!]tco8bhzs#DIgl#XsfS?`D4B
.adnxs.com/ Name: icu
Value: ChgI7PpYEAoYASABKAEwhZX4kQY4AUABSAEKGAjKkH4QChgGIAYoBjCLlfiRBjgGQAZIBhCLlfiRBhgG

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1648233093&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FDYSHOHET-SE-KOREJA-E-VERIUT-LESHOI-RAKETEN-ME-TE-MADHE-TE-5-VITEVE-TE-FUNDIT%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648233093699&bpp=3&bdt=454&idt=262&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1911826339242&frm=20&pv=2&ga_vid=259260600.1648233094&ga_sid=1648233094&ga_hid=1774774518&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066434%2C31060566%2C31063246&oid=2&pvsid=767084410462239&pem=418&tmod=1633614420&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
1f9afd595932b731caa96c0be85f1c84.safeframe.googlesyndication.com
2b3b275d3ab3304dd979da47e509665e.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.impactify.io
ads.gazetaexpress.com
ads.projectagoraservices.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
aghtag.tech
agorahtag.tech
am-trc-events.taboola.com
ap.lijit.com
bidder.criteo.com
biddr.brealtime.com
bisko.gjirafa.com
c.mgid.com
c1.adform.net
cdn.impactify.media
cdn.jsdelivr.net
cdn.mgid.com
cdn.projectagora-adtag-library.com
cdn.stickyadstv.com
cdn.taboola.com
cds.taboola.com
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
creative.360yield.com
csync.loopme.me
d31qbv1cthcecs.cloudfront.net
dsp.adfarm1.adition.com
dvr.impactify.io
eb2.3lift.com
eus.rubiconproject.com
euw-ice.360yield.com
fastlane.rubiconproject.com
gjstatic.blob.core.windows.net
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
jsc.mgid.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pg.impactify.io
pips.taboola.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagoralibs.com
px.ads.linkedin.com
px.moatads.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s-img.mgid.com
s0.2mdn.net
s333.adxpremium.services
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
serv431.com
servicer.mgid.com
sonic.impactify.media
ssbsync-global.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.teads.tv
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc-events.taboola.com
trc.taboola.com
tsdtocl.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
video-native.mgid.com
vpaid.impactify.media
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www8.smartadserver.com
z.moatads.com
104.107.161.75
104.17.119.107
104.19.135.78
104.19.136.78
104.21.59.143
104.26.0.156
13.248.245.213
141.148.45.191
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.226
151.101.129.108
151.101.129.44
151.101.2.49
151.101.66.133
152.228.222.122
169.50.137.184
173.231.181.122
178.250.0.157
178.250.0.165
18.134.84.19
18.156.0.31
185.184.8.65
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.80
185.86.137.114
185.86.137.122
185.86.137.32
185.94.180.126
198.47.127.18
2.18.232.7
2.18.233.180
2.18.234.233
2.18.235.40
2001:4de0:ac19::1:b:1a
208.88.224.28
213.19.147.45
217.160.255.213
23.37.38.181
23.37.42.132
23.88.75.186
2600:9000:206f:6600:1:7eae:e800:93a1
2602:803:c004:200::141
2606:4700:20::681a:9a9
2606:4700:3030::6815:1b4
2606:4700:3031::ac43:a8b4
2606:4700:3032::6815:4ae4
2606:4700::6810:5914
2606:4700::6812:e13
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:12d:495::2c79
2a02:26f0:12d:4ab::2c79
2a02:26f0:6c00::210:ba42
2a02:26f0:6c00::210:ba4a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:d29:3605:d2ee:f2bf:9614:83c1
2a06:98c1:3120::7
3.120.57.46
3.134.20.240
34.240.79.98
35.244.159.8
35.244.174.68
35.71.131.137
37.157.3.29
37.252.172.38
37.252.173.22
51.195.88.7
52.215.92.65
52.239.139.164
52.59.66.68
52.71.33.244
52.95.119.178
54.149.204.124
54.165.191.202
54.174.213.70
54.74.45.231
54.93.106.38
69.173.144.138
69.173.144.139
72.251.249.14
85.114.159.93
99.86.7.16
99.86.7.86
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02213e2aa607820897b9836c2456601304d19c46b4f4b75d35bb20dc7cf4efe6
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
04f1a3827eaff0b8b11a96a873a89f03dce094fadc3d825e7ad74b040eb6753d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
081b983483170e65eaeb26f1b0d97126e37c928132031d1ee0823c54f9691025
08b562cee19c4ff0e74eeb29a0b4f4013644c02f0cbc6ebf9f22a434cd527807
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
099d88f740064eea7ac8ec2887d578b0ce1b0f428287aa784340d39c2d9a760b
0b6d81383ff606e5fa260578fae4466016aa3e61c9c391cf2210c9e8bf69ad9f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c79c103b09f98ca5d7d06579941707719e64a8aecd24b3d474f871b5e130de
13f9c8fd1fac57e4ece37d5c54f91284f26bbb3e194a1ad4e285dbbaac082cac
16714e304b04c7ce5c989e5cbf87d0abdbaaf6fc128e2c6d0d246bf3958cb35f
17e52ef4f8d793e26ef6578dc8cba66ccae0f18f0ee19a5157587bc2f161159f
181bd2954599344d15b66152f42494eb491f941e5b76dcf8c563258d25c29793
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ae88d1d58c142032f5aa462cfdb03201713bfd0267ae12b853b1045c9c561e0
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6
1ed7d434cc3f89a09a5fb5385a44b646a302cc0e7f4a09f84f55dfeb14d1f100
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01
218b3725546e5eaa0ebe2e70202a7a33f86d4ae0602f9d7a6efcd568da1247e8
226406df1498959d59fc39f2a004f1c9b40a72dbdb29adc764381394a381447f
237f2143451e98901ee3c11f616369fc0ade0f7f65a29f2efd26eb59e02a7997
24819ef56f58598a9fc6008af121cd01a446a167d6347ecc1cfd8573544d4c75
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26cf4453783f0965a47a2281abec28445f27f8ff34d33dd47528706dd4de10bb
26fc8e06815cfb2ae45b00e8066f83db2dcccf37739db7902d2b08bf1490f5c0
280b57a57e08af36875437fd24f32086a15be46cc6facb69cb6aa695eebc04db
281c30e5911a6a2a0f11f84fe5c2921edf457b6a927a40b3f12ee8efa0d1abd5
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2b104a8cec3cdffac179b2f1cdb936f8b95ad5a9402b4c45f376f7ed0515c4dd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579
32814505fed89592bc8718a6b2aac8cf72c4ef5f93b036ccad02439a0235b579
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45
3651a792d236023d5804a0083f1f7f3df7cd2e37a21024df31b73fb1e079e981
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9
3980c1d6492d1e67cb0fd3f4468b4ac416b25a7196b467f4e92ebae75a0a7940
3ae889f20623141ecc233802eb622837400ea58d38a6bb7ea9d8363a2af2070e
3bc6c15887a94c5f1fb3636f77d03d5d974cc64286e1da561a76e81c624b4a12
3c0201e4b5201019dcca31e26d6b0e3f00c02db108fabe6522f74a8a3adbe82c
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138
3d2980f2f39d5ad260db8f98d1fee29b964c45f6362443c2cdde99bb08699892
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee01bd79e58c77dc4276a96fa5dcbe396c024538353c216894c5d6abcf2b6e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407aab5e389bedf516bf8d5681a17043715aebce44cd403de98e7b9334de844a
41abb8d234f849550edb1918b1c8b6170cb332dfc5155f1254d5e4b4ca7bdd70
432df4694f253980a289d80298ba613964121aadb94c34ac585281f4858bc0d9
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0
435ce57b7e49b4625586fd7fd96c73611899225a53c82e316349fdb77dfd831b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c6fdeefe7a499f7c7bd8b3ed87d134e492acfe07dac029de91e51e03e973843
4ce720eb55b3a5c0f94ea3778f758e5ebcfc03080723268d8c22c7752184e3a0
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8f0f5ca5d5b55140671695909b35920222f2b67297d9c0651bbfacf530350c
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
50fd5a4d7302005b2bb31436f6743af67b474b4551c5df0f0ab51bf38ea073b8
510176b9d8a0b82945b7bef32173f64c7e95580d03a9776dca69e5258b9b49c3
534bfbb1bce49aca2d5e1f7d6c73cc09e5bcc440be66e843007a3492c1668495
536bb1cf7e5e542325a3d7fbcd156fa3c495c47550b7709bd1962b02af0b3188
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
58b895a19fd5fa95ea6ad36148c21fb0743713de8268669ba58970f160339de5
58d5dd78af31fedc394fc1576004d11f96384907eaffd5260382daeefe8dccb3
5a969ee5f1495ca4f3f99e85480c5c37cd737189d01fa2d4ab8553e01c858814
5abb21976d749cfb85b68ffc1dcb20284306be8f686ae02cacc1522546b7e15e
5bfc9d681398233b7ea9d711c1c7c13bfff2e0333451c4d2bad846fc8ccd73d6
5c6915f027ebf093ba4af5b8017df0d62eaff9fb7283a5e7965a5950289dfc57
5cf71daef1877870a1d021c713733b66aac2c09e11a7ebe0ca11371f94a2b04c
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ef84fee90a05070f263c7fda2cd0c506d0c701450cfc42be2a07f8cc816cd48
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f
61730ef35c1ea5bdd7e2730cc7a1f155e30220db0cffc7e8945a75143c3c968c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6357f1c8dc514c89d7898c95823fb279d0cc68394f6cb43c8213ee90cc4bbed8
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64329067b7d4e60ecc7eac4aab6ea16033ed45d7d37f0052f7fab3b3e3a8285b
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5
6794f75867a7a053638fd07475d3fe5e2b6eac23e151c0a832d6f251443a0b98
68af5a6a7edf22605e596cf869c1b11c44d23efa73926e035b3cd0ce393e842d
68d438a077c23974e2d624a6720f5f0b5dd21a507f3c91b6f81f3b6633d74da9
6ac81de0c9db5e9ded5542efde8a02b20c6a6e668275763b26465b5d03b291f1
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901
6c6f1b40f2404a91f75ebd595fe475c8ddcd174fa1ccd85a21bb17999feb6a1b
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
711d5405a85d5463eb732e8624acb40ce6e5a07f627c65d374ecb65a64183f63
7282309b5829bb33abe6dfc6a9ff19c6f4c235212445314c41da920984d0f636
73c946e1c5809576bf156031ff5186116776cd23c032266aeca9067dcfd0771d
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
7891a0c5ddf9d2e0710fac4acfa34649708a091808411c8bc12b5bc22a4d33e7
7929edf6b6b8be0c5686eadf041e911e50040e15a0fbf3349a6e649692c715b1
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79f392bd641281fdbaa6d5054d812bd0f4cdd23e327e8ff7093688b372ff663a
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7df6389112c769e2c4c7b4882b78a8cfaee2fa1d79bc7f033af872e4859e7ae5
7f3582eb2102f7bd956fc3ca67929e11bb7fed2cf0f846fc169f1ce6915d6282
7f89c3732c62f58253fc474411f7bf051f526e7c474684a90eb3b9d7582a5084
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd073c3febc36b1012510c5ca2581805a9e7e5d94eeb030c20e20ee9ad60176
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
824ef51868c56d7a98bc86a6eae03e4e5232ff6dd17e5898c6654a9e137385e1
82b053dde159f22e07f8e61fb45db7f84b5a71824db82684c5a8f8313332c127
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c7061e855dc8bb94b83bbc3782081062211d93dd30c5a362a5dacf18cdd9bd
84194c6e837aee55404ce102ce769b16bba4be4eaae4766657162bc67319576a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e
8590ee2871189fe2bdb44d32ceb04e73194eac8d2785113c8a87c79bcec64f3e
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595
873ff16ed970e8c40b69c4d3e068b80d298f6fa52445ffff51fff04416fb044b
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acd0cfd1ce55d0b8210b48e4beccdf535dc9942dfd204ed0ffe3ad4a3c499e4
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cc944ab48bfe65fba34b72bca00df781e01d86cc03d7b198cdb05749c6f6979
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e700bddd1405ed9feb6cca2523254b13b0bc2191f0728170099746792e7caa8
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
922e0e375186bc04113ac7b1831643fa4e2af78596323bdac9414c7743abc6cc
923820ef5968252dbf8ecdb34623b9ec4b717097cca947ebe75ab68b9303f3d3
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93c5e6e7d777a743592f0e4a871d7046c4b1a7cc66eef8ed5f79f2f0d2a7cc27
965725d3dfb26708991b9b3887778294d27dc09272616d633200ed160d481f6d
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9746354ea550264fd6f012b91a2d28dd455bf19501417ee41d58cb9f2d81d445
97ad3d46b56aebe0f14ba3f120b2bea87f715585a61b19a193fd3e94fde715ad
9800465cae64bdf8617aaca614fe37e565cf5b9e577daedd111816175e406b04
9ae43fbd9162bf34d6cf9dcfea30f8c5edb3f0d94f3ee60a35032e245b4bf3da
9c98fc48c7e57e67112c6aa41339d1db22bdbe58e91f108ba8933e8e43911854
9cbb9be7acdac8ad96d8419b8eb4e7120b05295a42d3c50919370d1fc83547dc
9ccfa0f9a284575c4d49aac5570eb4c23cc03b5ce97bfb163e975b54efc750ae
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534
9e694ddeb16c3964767c2abd6886eb9f95fda4af9d66bfd5fd732a408c82214e
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1af5ad071f96fa1d97a3b01321fffea2bd1166c794b00108d3b0d9da819d172
a28a0728c160ca3d1a22ca3f2db52b18a581260578f008011b5bda4d64894005
a3a2a44b86a5568a98dc4adbbf8a9e548879404722f5e703694b07fbc985e72c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517a5cad068fcbbb3e85ce19b890ba1917954d6c507596f05e6ef2e2c34cad0
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80438cc568b43de3985e7ca3cd0300dda73126f30b815625acea91bcdb87483
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa64d881a7842b502c8ffaf5d8b8e3ff56ca4848d38c49d86fb766a85e83ba91
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad8dc1681c0451d8590af4d2d08b7b16e4f6edf197f805929d6a85a2be1b622c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd0f29b4b5495d092c10dc6b7cfba7542f00870aeb505ece7058c69f2f55db8
b08d78617316b2b9ed4a3726b8fb1e8d74162fcac6cfe467e767bd7eff138ae9
b0f1990e5b0178f5ccef7e285c86d07d309c4ab83927b626f75d5658f1347513
b18983695372f4a79f7f99b514ffefaf9ff8f1bc359bc8ce59ee024638145c68
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b35bbb04a24d69878956e56c2d84d2b94eb79bf58854efcd56939446d0c03d16
b3ede5c007b843287b8ffd0c398af54969710362e87a04e571f5e140ef2a35ee
b41f242bfa858ddc54ea754401991d33df52036db137b06f96aea0dc687bb3fb
b55c9010c45abfd0c281922089972a552d2d6caca371411a407bf7065082ed65
b639e0a5a8be83f82e9bb1b0c8a520a769ec3a988f0d40aa8a23c8c769b17696
b78b6eacf2d3d7dbbbb8376b06fd8e2ae781e0be6f339224fc37196a66232716
b7928a1cd1811abaec44e155bc28cc8d40a04338eea4e92c0bb3101874b480b1
ba0ceb2aa6d6c75e40beba91061254f13bd1a3c6b568fc2c02131be8573d3116
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568
becbabf5f70b065cac3dc3fcff12ca7eb75fd8426c7c3b295154d434588b5dab
c0203b0a0e930ad4f43e19276e5d61b74e1f75004b80021364df276bf491a6c6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31b2375744708f38933b2cb26263a36bb9c254ba30d3d669953136ffd70dbe5
c45153bd359a06f9460d3b24361bcced7f49b0324b7937c6849df4ce55ad4961
c540fdda5a880c854dfe598220503ea70b1a7cd6253236c55e01197f0fd471c9
c610ab9e9360058545e78221a42db764a31323a3856a15dcc7cbd2cda831ab23
c6ac424d5afe6ec8e33a0be5adc8cc7e11e363ed8458a5797f8b3167c6e5a941
c6b99fe4e5eba9ccd266b5c6b8592501266862ae58198ca46b9f86b5676c0d89
c744c5b10a1f60d384e429ac01f1172981b1faedf3007fc80cd9437022e154d2
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ccda4da841b8ef2c4a4b3992f781f1e49de766e3f4eb09dbef8732b850ae6b9c
cd8ce51768e2f2754661ece5e58ddb3d65336635955adfbe2a198dc05be42acf
ce9ba81e0490b81631df558f229c09a92906917b79d8d72b4123b9c8af26c876
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc8451d44a4a92ed77e0020b58e860d8dde06f1795183ae2ba03be58c410880
d00d07904d0e6271ebef873c9137ac45e0b2e6b7c3c043e161fd68dc08f326c4
d027bb92262bb058938707c6b22bce25ecb11720e3f6d685b7f19e01ad464e6f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3
d554aa1972f5b24ee0e4e02309f7ac003b4a5f4bea681a2382c6db7cc3483e22
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
da0a0a3c37b16eec4c507d06a74851b873ece856ee3c51796c343d8b47e3f57b
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70
ddca3c3103e61750def1ae7ad1a240399cad630f45fc6a66dbee1efc1011b2aa
df0a00e1e07b86913a50e0fbdc4784aba61bb99b50e6c54d0882a6383f9a21dd
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e31ad2859657839509de77419347926d8b00c083709446139518ffab6bf91d87
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e4e5e561e48daaeb2b0b8e09dfba886c4ed9ee54cc97fe35b8fe5719b5d20f29
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278
e8d94a4440c39a1d6a82be26deccb1b3e91f3cfd02487783e77be0c708b45d10
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec42cccb7771c6efe498b7b7e7e673c1ad7f6002677e18868aab194307e867d5
ee190fba510a680f2be53182c43b9c8238bb2b1f92a4907275c1eba61bd91d70
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eeead248868138b8e6f49f895e81497fbcef0d3a402b7ba997553ac211b448f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f41707ebcc62a651749443fb9dd1e7a86f49ae52a87974487a0aa268d65c88fe
f46d4265672d0160d3f769a40a3c5cbf206a750fe633150973259b13fbb3ed0b
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf
f764f20f282e807aeccf2d7b42fb4461aeb92a6a0f4ce584ed3499d5f29d0b2d
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821
fc1c98b585058c74ff3f6a841129f139d9788d8c73b1a54a030189fbe83620bb
fcc16bf1238724eedd1638bf0937b691bb01d08e585ac5e1db274acb47147c5e
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32
ff59795b78562ddf271cbcc5e291e1f2599d1654b05e9c374d0da4755983fe63
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89