URL: https://legacypaints.co.ke/linode/
Submission: On June 17 via api from US

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 49 HTTP transactions. The main IP is 173.237.185.110, located in United States and belongs to AS-TIERP-36024, US. The main domain is legacypaints.co.ke.
TLS certificate: Issued by R3 on May 6th 2021. Valid for: 3 months.
This is the only time legacypaints.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 173.237.185.110 36024 (AS-TIERP-...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
5 216.58.212.130 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 13.224.195.113 16509 (AMAZON-02)
2 6 142.250.185.102 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 35.186.249.72 15169 (GOOGLE)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.200.97.200 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 151.101.14.110 54113 (FASTLY)
4 162.247.243.147 23467 (NEWRELIC-...)
49 22
Domain Requested by
6 10058064.fls.doubleclick.net 2 redirects www.googletagmanager.com
legacypaints.co.ke
6 login.linode.com legacypaints.co.ke
5 www.googleadservices.com www.googletagmanager.com
10058064.fls.doubleclick.net
www.googleadservices.com
4 bam-cell.nr-data.net js-agent.newrelic.com
legacypaints.co.ke
4 www.google.de legacypaints.co.ke
10058064.fls.doubleclick.net
4 www.google.com 2 redirects legacypaints.co.ke
3 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
3 www.google-analytics.com www.googletagmanager.com
legacypaints.co.ke
3 bat.bing.com legacypaints.co.ke
bat.bing.com
2 www.facebook.com legacypaints.co.ke
2 adservice.google.com 10058064.fls.doubleclick.net
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net legacypaints.co.ke
connect.facebook.net
2 fonts.googleapis.com legacypaints.co.ke
2 legacypaints.co.ke 1 redirects
1 js-agent.newrelic.com legacypaints.co.ke
1 okt.to static.oktopost.com
1 stats.g.doubleclick.net legacypaints.co.ke
1 px4.ads.linkedin.com legacypaints.co.ke
1 www.linkedin.com 1 redirects
1 d.impactradius-event.com legacypaints.co.ke
1 static.oktopost.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com legacypaints.co.ke
49 24

This site contains no links.

Subject | Issuer | Validity | Valid
*.legacypaints.co.ke | R3 | 2021-05-06 - 2021-08-04 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-05-17 - 2021-08-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-11 - 2021-08-11 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-05-17 - 2021-08-09 | 3 months
www.bing.com | Microsoft RSA TLS CA 01 | 2021-04-12 - 2021-10-12 | 6 months
www.googleadservices.com | GTS CA 1C3 | 2021-05-17 - 2021-08-09 | 3 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-04-30 - 2022-05-11 | a year
*.oktopost.com | Sectigo RSA Organization Validation Secure Server CA | 2019-09-22 - 2021-09-27 | 2 years
*.doubleclick.net | GTS CA 1C3 | 2021-05-24 - 2021-08-16 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.impactradius-event.com | Sectigo RSA Domain Validation Secure Server CA | 2021-01-06 - 2022-01-06 | a year
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2021-04-15 - 2021-10-15 | 6 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-05-31 - 2021-08-23 | 3 months
www.google.com | GTS CA 1C3 | 2021-05-24 - 2021-08-16 | 3 months
www.google.de | GTS CA 1C3 | 2021-05-24 - 2021-08-16 | 3 months
okt.to | R3 | 2021-06-01 - 2021-08-30 | 3 months
*.google.com | GTS CA 1C3 | 2021-05-24 - 2021-08-16 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-05-17 - 2021-08-09 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-05-21 - 2022-04-10 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 3 frames:

Primary Page: https://legacypaints.co.ke/linode/
Frame ID: 689FD08EF82824757F1AEB868A56DF27
Requests: 39 HTTP requests in this frame

Frame: https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
Frame ID: 19EF32E49E197A56FE5FE83CB9058F6F
Requests: 5 HTTP requests in this frame

Frame: https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
Frame ID: EAD224E5D856D3C4E15EB7D2402826C7
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 49
HTTPS: 100 %
IPv6: 63 %
Domains: 19
Subdomains: 24
IPs: 22
Countries: 3
Transfer: 317 kB
Size: 892 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://legacypaints.co.ke/linode HTTP 301
    https://legacypaints.co.ke/linode/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://10058064.fls.doubleclick.net/activityi;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F HTTP 302
  • https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
Request Chain 15
  • https://10058064.fls.doubleclick.net/activityi;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F HTTP 302
  • https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
Request Chain 20
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1287946%26time%3D1623954333106%26url%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&liSync=true&e_ipv6=AQKGuJ4BuaBoigAAAXobOJ-fpeg-aLjM1NabYJVrvDYbDPbuqHy-4ME9wr3LuRdA_DNJ8CJn
Request Chain 38
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKTLpKmln_ECFRPb1QodKDUPPQ%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev0%3Bord%3D1%3Bnum%3D8231235719505%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nZPLYLiTF4nH7_UPkLm8oAw&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKTLpKmln_ECFRPb1QodKDUPPQ%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev0%3Bord%3D1%3Bnum%3D8231235719505%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLiTF4nH7_UPkLm8oAw&cid=CAQSKQCNIrLMbQs2ZzO2jKIuHAFD1mfm09LaTIVxU4ZhvURYz9YbJiH9pvwr&random=3326979688&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKTLpKmln_ECFRPb1QodKDUPPQ%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev0%3Bord%3D1%3Bnum%3D8231235719505%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLiTF4nH7_UPkLm8oAw&cid=CAQSKQCNIrLMbQs2ZzO2jKIuHAFD1mfm09LaTIVxU4ZhvURYz9YbJiH9pvwr&random=3326979688&resp=GooglemKTybQhCsO&ipr=y
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIPLpKmln_ECFXQVBgAd_h8EPw%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev00%3Bord%3D1488333907424%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nZPLYLzjF__W7_UPiNq0iA0&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIPLpKmln_ECFXQVBgAd_h8EPw%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev00%3Bord%3D1488333907424%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLzjF__W7_UPiNq0iA0&cid=CAQSKQCNIrLM39O4LwZTiqh3vXuuHDoFL2yYKqJNwHW4aUv5xkjbFgFq1Tp6&random=2762493674&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIPLpKmln_ECFXQVBgAd_h8EPw%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev00%3Bord%3D1488333907424%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLzjF__W7_UPiNq0iA0&cid=CAQSKQCNIrLM39O4LwZTiqh3vXuuHDoFL2yYKqJNwHW4aUv5xkjbFgFq1Tp6&random=2762493674&resp=GooglemKTybQhCsO&ipr=y

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
legacypaints.co.ke/linode/
Redirect Chain
  • https://legacypaints.co.ke/linode
  • https://legacypaints.co.ke/linode/
35 KB
36 KB
Document
General
Full URL
https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.237.185.110 , United States, ASN36024 (AS-TIERP-36024, US),
Reverse DNS
rex.vivawebhost.com
Software
Apache /
Resource Hash
df8e9305d23f8f95843132f22cb5005764b93dfdef2e093d4f44f284ef42d02d

Request headers

:method
GET
:authority
legacypaints.co.ke
:scheme
https
:path
/linode/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
server
Apache
content-length
36235
content-type
text/html; charset=UTF-8

Redirect headers

date
Thu, 17 Jun 2021 18:25:32 GMT
server
Apache
location
https://legacypaints.co.ke/linode/
content-length
242
content-type
text/html; charset=iso-8859-1
css
fonts.googleapis.com/
7 KB
820 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600&display=swap
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5593e7f1cdb7334696aed9215d36eb72f90773ca46961eeee1ecd2d115b8045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 18:12:20 GMT
server
ESF
date
Thu, 17 Jun 2021 18:25:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Jun 2021 18:25:32 GMT
css
fonts.googleapis.com/
2 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:500&display=swap
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e46193c0a86c3fdcc8a5aa388fc3706c2349884cd780b17a035cccd19c67a063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 17:41:18 GMT
server
ESF
date
Thu, 17 Jun 2021 18:25:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Jun 2021 18:25:32 GMT
main-fcbc12b1.css
login.linode.com/static/css/
0
0
Stylesheet
General
Full URL
https://login.linode.com/static/css/main-fcbc12b1.css
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

jquery-3.4.1.min-42dd989b.js
login.linode.com//static/js/
0
0
Script
General
Full URL
https://login.linode.com//static/js/jquery-3.4.1.min-42dd989b.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

jquery.validate.min-5a69dd70.js
login.linode.com//static/js/
0
0
Script
General
Full URL
https://login.linode.com//static/js/jquery.validate.min-5a69dd70.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bundle.min-70b892da.js
login.linode.com//static/js/
0
0
Script
General
Full URL
https://login.linode.com//static/js/bundle.min-70b892da.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

gtm.js
www.googletagmanager.com/
161 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf30ccb18071e16c5fd1fee97a7c925ab8880ddfab6cf440cdf5adf0609914d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54821
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Jun 2021 18:25:33 GMT
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:32 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref
Ref A: 95B7ADBB49834319A911E8A7DDDBD7FA Ref B: FRAEDGE1218 Ref C: 2021-06-17T18:25:33Z
etag
"0d2a696ff53d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9008
jquery.validate.min-5a69dd70.js
login.linode.com//static/js/
22 KB
7 KB
Script
General
Full URL
https://login.linode.com//static/js/jquery.validate.min-5a69dd70.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c297177f64e473ffc8fa34d3df5d309fc6d62b5be865a3e5ab5a275c5788c983
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 09 Jun 2021 22:13:58 GMT
server
cloudflare
etag
W/"60c13d26-59ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=0
cf-ray
660e5235a8881f15-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abcd1b58900001f15709f3000000001
expires
Fri, 18 Jun 2021 18:25:33 GMT
4055942.js
bat.bing.com/p/action/
0
93 B
Script
General
Full URL
https://bat.bing.com/p/action/4055942.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Jun 2021 18:25:32 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 994F341221E94CB39768D0D2176ECA57 Ref B: FRAEDGE1218 Ref C: 2021-06-17T18:25:33Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5216
date
Thu, 17 Jun 2021 16:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 17 Jun 2021 18:58:37 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
c694a371dc0d0d8accc0cc110c4e2e8f15a44682710b85c71c2f68833623737c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13996
x-xss-protection
0
server
cafe
etag
13080284601087747113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 18:25:33 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:191::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 18:25:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=86107
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
oktrk.js
static.oktopost.com/
9 KB
4 KB
Script
General
Full URL
https://static.oktopost.com/oktrk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 21:18:32 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 09:47:41 GMT
server
AmazonS3
age
76042
etag
W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
-o785cbIAbjXfc4CkhmLtsHCRtQWU_OB1XUXORmN-4Pi2Hg1zV1SgA==
activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.k...
10058064.fls.doubleclick.net/ Frame 19EF
Redirect Chain
  • https://10058064.fls.doubleclick.net/activityi;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.c...
  • https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;...
1 KB
665 B
Document
General
Full URL
https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
a0654001c2dc95dc14b57fd307f400b2396c57fa799047591790fbbf0fb50ea2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10058064.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://legacypaints.co.ke/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 17 Jun 2021 18:25:33 GMT
expires
Thu, 17 Jun 2021 18:25:33 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
640
x-xss-protection
0
set-cookie
IDE=AHWqTUknxaQ7D57faQTPm8I-pRc2jk3JwEQmb9O9_KjboMx_2MBW8HCbnpRi-NWTxFM; expires=Tue, 12-Jul-2022 18:25:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 17 Jun 2021 18:25:33 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints...
10058064.fls.doubleclick.net/ Frame EAD2
Redirect Chain
  • https://10058064.fls.doubleclick.net/activityi;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypai...
  • https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;...
1 KB
668 B
Document
General
Full URL
https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD2VL27
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
8aa0bf25bc24ab224d8d1f537ff509c2d6935df3ac85e2466de33000d458d317
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10058064.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://legacypaints.co.ke/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 17 Jun 2021 18:25:33 GMT
expires
Thu, 17 Jun 2021 18:25:33 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
643
x-xss-protection
0
set-cookie
IDE=AHWqTUm7LX-VFK_4pji5rmtINI-kX-TKNk5SBbulwZTpEpH3iAYvcAHV2C7upH8aClY; expires=Tue, 12-Jul-2022 18:25:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 17 Jun 2021 18:25:33 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fbevents.js
connect.facebook.net/en_US/
94 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24517
x-xss-protection
0
pragma
public
x-fb-debug
iEfsz+D1Q2fvbRqBaYCzWqzXZByAE/+jMZKaAeFp59OUegEKnHO2HcMRWCntlFl1nbTTMphRx7hLjyUG+VsWVQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 17 Jun 2021 18:25:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
A2041205-ee3d-4db0-a644-7407093ff15c1.js
d.impactradius-event.com/
41 KB
13 KB
Script
General
Full URL
https://d.impactradius-event.com/A2041205-ee3d-4db0-a644-7407093ff15c1.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7523b6a7c028a98df048fe31a10ef9eef669d08b0fbb11c7053fdb5f628c5221

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABg5-UxkbNdzNKOk1WBy1h6h_a1XhHdFYpPpl8k7GwJWVam49NDGdaH5SerZuernPKX-zMRZwNyfGfK3NvnSuIUFpj4L2X1dag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
12937
last-modified
Fri, 13 Nov 2020 02:45:50 GMT
server
UploadServer
etag
"1deb389b09621e4a40de2232400a9acf"
vary
Accept-Encoding
x-goog-hash
crc32c=jiInTQ==, md5=Hes4mwliHkpA3iIyQAqazw==
x-goog-generation
1605235550232679
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
12937
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 17 Jun 2021 18:30:33 GMT
activityi;register_conversion=1;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
10058064.fls.doubleclick.net/
0
0
Image
General
Full URL
https://10058064.fls.doubleclick.net/activityi;register_conversion=1;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

activityi;register_conversion=1;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flin...
10058064.fls.doubleclick.net/
0
0
Image
General
Full URL
https://10058064.fls.doubleclick.net/activityi;register_conversion=1;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1287946%26time%3D1623954333106%26url%3Dhttps%253A%252F%252Flegacypaints.co.ke%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&liSync=true&e_ipv6=AQKGuJ4BuaBoigAAAXobOJ-fpeg-aLjM1NabYJVrvDYbDPbuqH...
0
63 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&liSync=true&e_ipv6=AQKGuJ4BuaBoigAAAXobOJ-fpeg-aLjM1NabYJVrvDYbDPbuqHy-4ME9wr3LuRdA_DNJ8CJn
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
jk7cydxxiRaARu3lOSsAAA==

Redirect headers

date
Thu, 17 Jun 2021 18:25:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1287946&time=1623954333106&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&liSync=true&e_ipv6=AQKGuJ4BuaBoigAAAXobOJ-fpeg-aLjM1NabYJVrvDYbDPbuqHy-4ME9wr3LuRdA_DNJ8CJn
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
Pr9qwNxxiRZQY0yKfisAAA==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=657147785&t=pageview&_s=1&dl=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&ul=en-us&de=UTF-8&dt=Welcome%20back!%20-%20Linode&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2064008372&gjid=2012841559&cid=1804974453.1623954333&tid=UA-177150-1&_gid=136471850.1623954333&_r=1&gtm=2wg6g0WD2VL27&z=970162560
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://legacypaints.co.ke
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=657147785&t=pageview&_s=1&dl=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&ul=en-us&de=UTF-8&dt=Welcome%20back!%20-%20Linode&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=626028302&gjid=1179659901&cid=1804974453.1623954333&tid=UA-177150-29&_gid=136471850.1623954333&_r=1&gtm=2wg6g0WD2VL27&z=1158922049
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://legacypaints.co.ke
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1552019005089831
connect.facebook.net/signals/config/
262 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1552019005089831?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96b4261f2620efe5c5e183e1d735d72af2b2bc053d00d1ff76c2b76cec557527
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
XQcx9dEPPBGP3Eatv+PBZvHO27Bf3tbPJlQMqrUWgh59YyJnszcs/33CclAzPOBWXXGu/BixC8qFbmKIG99q+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 17 Jun 2021 18:25:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
90 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-177150-1&cid=1804974453.1623954333&jid=2064008372&gjid=2012841559&_gid=136471850.1623954333&_u=YEBAAEAAAAAAAC~&z=2142174182
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Jun 2021 18:25:33 GMT
content-type
text/plain
access-control-allow-origin
https://legacypaints.co.ke
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071926901/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071926901/?random=1623954333140&cv=9&fst=1623954333140&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&tiba=Welcome%20back!%20-%20Linode&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2f9685eab2997663b90a13e7c87ff3140d93ba80f2bf732803366d3f4fdada8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1017
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-177150-1&cid=1804974453.1623954333&jid=2064008372&_u=YEBAAEAAAAAAAC~&z=1576137643
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-177150-1&cid=1804974453.1623954333&jid=2064008372&_u=YEBAAEAAAAAAAC~&z=1576137643
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1071926901/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1071926901/?random=1623954333140&cv=9&fst=1623952800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&tiba=Welcome%20back!%20-%20Linode&async=1&fmt=3&is_vtc=1&random=3063127339&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071926901/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1071926901/?random=1623954333140&cv=9&fst=1623952800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&tiba=Welcome%20back!%20-%20Linode&async=1&fmt=3&is_vtc=1&random=3063127339&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
okt.to/
0
253 B
Script
General
Full URL
https://okt.to/ping?uri=%2Flinode%2F&aid=001e06xrsdo3gvo&ts=1623954333208
Requested by
Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.200.97.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-97-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-type
text/javascript;charset=UTF-8
conversion.js
www.googleadservices.com/pagead/ Frame EAD2
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 10058064.fls.doubleclick.net
URL: https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5795e23ab075ada2d107030286b0b7952fd039d00fd2083c072ac87adb01ce3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17407
x-xss-protection
0
server
cafe
etag
6415388614174845058
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 18:25:33 GMT
dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=*;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
adservice.google.com/ddm/fls/z/ Frame EAD2
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=*;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
Requested by
Host: 10058064.fls.doubleclick.net
URL: https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 19EF
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 10058064.fls.doubleclick.net
URL: https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5795e23ab075ada2d107030286b0b7952fd039d00fd2083c072ac87adb01ce3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17407
x-xss-protection
0
server
cafe
etag
6415388614174845058
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 18:25:33 GMT
dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=*;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
adservice.google.com/ddm/fls/z/ Frame 19EF
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=*;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F
Requested by
Host: 10058064.fls.doubleclick.net
URL: https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/624261649/ Frame EAD2
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/624261649/?random=1623954333347&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKTLpKmln_ECFRPb1QodKDUPPQ%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev0%3Bord%3D1%3Bnum%3D8231235719505%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
4dfb8ba7e072fbf43929cb9e45296786bc03ab265c1dd19cc694203947dfd809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1552019005089831&ev=PageView&dl=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&rl=&if=false&ts=1623954333366&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221335542993495121%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product_group%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22130434628943393%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product_group%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22525484071757393%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22309083350662205%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.2.1623954333365.1678372790&it=1623954333133&coo=false&rqm=GET
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 17 Jun 2021 18:25:33 GMT
/
www.googleadservices.com/pagead/conversion/624261649/ Frame 19EF
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/624261649/?random=1623954333369&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIPLpKmln_ECFXQVBgAd_h8EPw%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev00%3Bord%3D1488333907424%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
c04ba532e4fa871a588457ea1b9502166e5402be6c434ed02d5344e258da0f9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/624261649/ Frame EAD2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=25050596...
  • https://www.google.com/pagead/1p-conversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKTLpKmln_ECFRPb1QodKDUPPQ%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev0%3Bord%3D1%3Bnum%3D8231235719505%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLiTF4nH7_UPkLm8oAw&cid=CAQSKQCNIrLMbQs2ZzO2jKIuHAFD1mfm09LaTIVxU4ZhvURYz9YbJiH9pvwr&random=3326979688&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 10058064.fls.doubleclick.net
URL: https://10058064.fls.doubleclick.net/activityi;dc_pre=CKTLpKmln_ECFRPb1QodKDUPPQ;src=10058064;type=linodec;cat=pagev0;ord=1;num=8231235719505;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/624261649/?random=770087503&cv=9&fst=1623954333347&num=1&npa=1&label=bhntCNT979sBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKTLpKmln_ECFRPb1QodKDUPPQ%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev0%3Bord%3D1%3Bnum%3D8231235719505%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLiTF4nH7_UPkLm8oAw&cid=CAQSKQCNIrLMbQs2ZzO2jKIuHAFD1mfm09LaTIVxU4ZhvURYz9YbJiH9pvwr&random=3326979688&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/624261649/ Frame 19EF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059...
  • https://www.google.com/pagead/1p-conversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600...
  • https://www.google.de/pagead/1p-conversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIPLpKmln_ECFXQVBgAd_h8EPw%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev00%3Bord%3D1488333907424%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLzjF__W7_UPiNq0iA0&cid=CAQSKQCNIrLM39O4LwZTiqh3vXuuHDoFL2yYKqJNwHW4aUv5xkjbFgFq1Tp6&random=2762493674&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 10058064.fls.doubleclick.net
URL: https://10058064.fls.doubleclick.net/activityi;dc_pre=CIPLpKmln_ECFXQVBgAd_h8EPw;src=10058064;type=linodec;cat=pagev00;ord=1488333907424;gtm=2wg6g0;auiddc=702099586.1623954333;u1=%2Flinode%2F;ps=1;~oref=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10058064.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/624261649/?random=1560298686&cv=9&fst=1623954333369&num=1&npa=1&label=vtXPCNm6gNwBEJH01akC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10058064.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIPLpKmln_ECFXQVBgAd_h8EPw%3Bsrc%3D10058064%3Btype%3Dlinodec%3Bcat%3Dpagev00%3Bord%3D1488333907424%3Bgtm%3D2wg6g0%3Bauiddc%3D702099586.1623954333%3Bu1%3D%252Flinode%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Flegacypaints.co.ke%252Flinode%252F%3F&ref=https%3A%2F%2Flegacypaints.co.ke%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nZPLYLzjF__W7_UPiNq0iA0&cid=CAQSKQCNIrLM39O4LwZTiqh3vXuuHDoFL2yYKqJNwHW4aUv5xkjbFgFq1Tp6&random=2762493674&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.min-70b892da.js
login.linode.com//static/js/
12 KB
4 KB
Script
General
Full URL
https://login.linode.com//static/js/bundle.min-70b892da.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d006329a074effbd963162fcc99621690d57d6be9318f99326a52a3104b44bf2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 09 Jun 2021 22:13:58 GMT
server
cloudflare
etag
W/"60c13d26-318f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=0
cf-ray
660e5238bf471f15-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abcd1b77000001f15c1b70000000001
expires
Fri, 18 Jun 2021 18:25:33 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1552019005089831&ev=Microdata&dl=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&rl=&if=false&ts=1623954333869&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Welcome%20back!%20-%20Linode%22%2C%22meta%3Adescription%22%3A%22Login%20to%20your%20Linode%20account.%22%2C%22meta%3Akeywords%22%3A%22Linode%2C%20linode%2C%20cloud%2C%20login%2C%20account%2C%20signup%22%7D&cd[OpenGraph]=%7B%22twitter%3Atitle%22%3A%22Welcome%20back!%22%2C%22twitter%3Adescription%22%3A%22Login%20to%20your%20Linode%20account.%22%2C%22twitter%3Adomain%22%3A%22https%3A%2F%2Flogin.linode.com%2Flogin%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Flogin.linode.com%2Flogin%22%2C%22twitter%3Acard%22%3A%22https%3A%2F%2Flogin.linode.com%2Fstatic%2Flogo.png%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Flogin.linode.com%2Fstatic%2Flogo.png%22%2C%22twitter%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Welcome%20back!%22%2C%22og%3Adescription%22%3A%22Login%20to%20your%20Linode%20account.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Flogin.linode.com%2Flogin%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Flogin.linode.com%2Fstatic%2Flogo.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.2.1623954333365.1678372790&it=1623954333133&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 18:25:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 17 Jun 2021 18:25:33 GMT
nr-1209.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1209.min.js
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk
content-encoding
gzip
etag
"ceffb14d16467e17c5360bf7880099fa"
x-amz-request-id
5748RK4XNY0JFAXS
x-cache
HIT
content-length
11738
x-amz-id-2
Bgz/pgtJbcxVQT1M95LrS9P8w6ydNOlS7rqz4RAI+tM5Ek3RKKQrMB0BxrzJZwT8Jt6pEpDvSuo=
x-served-by
cache-fra19120-FRA
last-modified
Thu, 20 May 2021 23:21:18 GMT
server
AmazonS3
x-timer
S1623954334.993530,VS0,VE0
date
Thu, 17 Jun 2021 18:25:33 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9041
0
bat.bing.com/action/
0
215 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4055942&Ver=2&mid=39661139-7bea-4d32-92ee-c2b1580afec2&sid=67974600cf9911eb882d57708ed5f499&vid=679759a0cf9911eb9729abf402482b04&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Welcome%20back!%20-%20Linode&kw=Linode,%20linode,%20cloud,%20login,%20account,%20signup&p=https%3A%2F%2Flegacypaints.co.ke%2Flinode%2F&r=&lt=1840&evt=pageLoad&msclkid=N&sv=1&rn=515184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 17 Jun 2021 18:25:33 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 905653BA7E0C4A06A3D75FBC5AEFC972 Ref B: FRAEDGE1218 Ref C: 2021-06-17T18:25:33Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
6121af9d9e
bam-cell.nr-data.net/1/
49 B
915 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/6121af9d9e?a=229795329&v=1209.f04e2b9&to=ZQcHZhMCWRIFUxJQC1xNI0cPAEMIC15JVQtVCwscAw9CBBRCD1cQQUwJXQYKWVsIXwFQCm0lIGY%3D&rst=1877&ck=1&ref=https://legacypaints.co.ke/linode/&ap=4&be=839&fe=1839&dc=1839&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1623954332139,%22n%22:0,%22r%22:1,%22re%22:546,%22f%22:546,%22dn%22:546,%22dne%22:546,%22c%22:546,%22ce%22:546,%22rq%22:547,%22rp%22:705,%22rpe%22:833,%22dl%22:708,%22di%22:1839,%22ds%22:1839,%22de%22:1839,%22dc%22:1839,%22l%22:1839,%22le%22:1840%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=914&fcp=914&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 18:25:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlRaCAMIU1RUFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoLAFELVnRMB05WAhtDAwFZUQEBBQEBV1UDBQkOAUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
660e523bbc57d8e1-AMS
cf-request-id
0abcd1b94f0000d8e1f48b6000000001
6121af9d9e
bam-cell.nr-data.net/resources/1/
36 B
568 B
XHR
General
Full URL
https://bam-cell.nr-data.net/resources/1/6121af9d9e?a=229795329&v=1209.f04e2b9&to=ZQcHZhMCWRIFUxJQC1xNI0cPAEMIC15JVQtVCwscAw9CBBRCD1cQQUwJXQYKWVsIXwFQCm0lIGY%3D&rst=2461&ck=1&ref=https://legacypaints.co.ke/linode/&st=1623954332139
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d84d047be73aa8314908bd148dae34ad3476dc2421222356e2a0789b1ec27c

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 17 Jun 2021 18:25:35 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://legacypaints.co.ke
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
660e523f5835d8e1-AMS
Content-Length
36
cf-request-id
0abcd1bb950000d8e1182f3000000001
6121af9d9e
bam-cell.nr-data.net/events/1/
24 B
555 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/6121af9d9e?a=229795329&v=1209.f04e2b9&to=ZQcHZhMCWRIFUxJQC1xNI0cPAEMIC15JVQtVCwscAw9CBBRCD1cQQUwJXQYKWVsIXwFQCm0lIGY%3D&rst=11878&ck=1&ref=https://legacypaints.co.ke/linode/
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 17 Jun 2021 18:25:44 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://legacypaints.co.ke
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
660e527a2f77d8e1-AMS
Content-Length
24
cf-request-id
0abcd1e05d0000d8e1cc347000000001
6121af9d9e
bam-cell.nr-data.net/resources/1/
36 B
568 B
XHR
General
Full URL
https://bam-cell.nr-data.net/resources/1/6121af9d9e?a=229795329&v=1209.f04e2b9&to=ZQcHZhMCWRIFUxJQC1xNI0cPAEMIC15JVQtVCwscAw9CBBRCD1cQQUwJXQYKWVsIXwFQCm0lIGY%3D&rst=13032&ck=1&ref=https://legacypaints.co.ke/linode/&st=1623954332139&ptid=11ff69fe-0001-b000-0000-017a1b38a57f
Requested by
Host: legacypaints.co.ke
URL: https://legacypaints.co.ke/linode/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d84d047be73aa8314908bd148dae34ad3476dc2421222356e2a0789b1ec27c

Request headers

Referer
https://legacypaints.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 17 Jun 2021 18:25:45 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://legacypaints.co.ke
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
660e52816ecad8e1-AMS
Content-Length
36
cf-request-id
0abcd1e4e10000d8e1aab3e000000001

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| dataLayer object| uetq function| UET function| UET_init function| UET_push object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id string| OktopostTrackerObject function| _oktrk function| fbq function| _fbq function| getCookie function| setAttributionVals string| ire_o function| ire function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| ImpactRadiusEvent object| irEvent function| disableButton function| updateErrorText function| clearText function| debounce undefined| $errorIcon undefined| $successIcon undefined| $submit undefined| targettedForms undefined| isChrome undefined| checkAutoFill

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUm7LX-VFK_4pji5rmtINI-kX-TKNk5SBbulwZTpEpH3iAYvcAHV2C7upH8aClY
.legacypaints.co.ke/ Name: _fbp
Value: fb.2.1623954333365.1678372790

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
